diff --git a/apparmor.d/groups/apps/signal-desktop b/apparmor.d/groups/apps/signal-desktop index 6c8525f48..912d95760 100644 --- a/apparmor.d/groups/apps/signal-desktop +++ b/apparmor.d/groups/apps/signal-desktop @@ -37,7 +37,7 @@ profile signal-desktop @{exec_path} { /var/lib/dbus/machine-id r, /etc/machine-id r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/cpu.max r, @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/memory.high r, diff --git a/apparmor.d/groups/apt/apt b/apparmor.d/groups/apt/apt index dcc6303c8..38bd8f3eb 100644 --- a/apparmor.d/groups/apt/apt +++ b/apparmor.d/groups/apt/apt @@ -149,7 +149,7 @@ profile apt @{exec_path} flags=(attach_disconnected) { /dev/ptmx rw, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, profile editor flags=(complain) { include diff --git a/apparmor.d/groups/apt/unattended-upgrade b/apparmor.d/groups/apt/unattended-upgrade index f5caa7b65..eaac10851 100644 --- a/apparmor.d/groups/apt/unattended-upgrade +++ b/apparmor.d/groups/apt/unattended-upgrade @@ -100,7 +100,7 @@ profile unattended-upgrade @{exec_path} flags=(attach_disconnected) { /var/log/apt/{term,history}.log w, /var/log/apt/eipp.log.xz w, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{run}/unattended-upgrades.lock rwk, owner @{run}/unattended-upgrades.pid rw, owner @{run}/unattended-upgrades.progress rw, diff --git a/apparmor.d/groups/apt/unattended-upgrade-shutdown b/apparmor.d/groups/apt/unattended-upgrade-shutdown index 65f8a30d2..bd963a006 100644 --- a/apparmor.d/groups/apt/unattended-upgrade-shutdown +++ b/apparmor.d/groups/apt/unattended-upgrade-shutdown @@ -25,7 +25,7 @@ profile unattended-upgrade-shutdown @{exec_path} flags=(attach_disconnected) { owner /var/log/unattended-upgrades/*.log* rw, owner @{run}/unattended-upgrades.lock rwk, - owner @{run}/systemd/inhibit/[0-9]*.ref rw, + owner @{run}/systemd/inhibit/@{int}.ref rw, owner @{PROC}/@{pid}/mounts r, diff --git a/apparmor.d/groups/bus/dbus-system b/apparmor.d/groups/bus/dbus-system index e63d51eaa..f532bb29b 100644 --- a/apparmor.d/groups/bus/dbus-system +++ b/apparmor.d/groups/bus/dbus-system @@ -53,7 +53,7 @@ profile dbus-system flags=(attach_disconnected) { @{user_share_dirs}/icc/ r, @{user_share_dirs}/icc/edid-@{hex32}.icc r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/systemd/notify w, @{run}/systemd/sessions/*.ref rw, @{run}/systemd/users/@{int} r, diff --git a/apparmor.d/groups/freedesktop/upowerd b/apparmor.d/groups/freedesktop/upowerd index 92e6148b3..aa93e0267 100644 --- a/apparmor.d/groups/freedesktop/upowerd +++ b/apparmor.d/groups/freedesktop/upowerd @@ -40,7 +40,7 @@ profile upowerd @{exec_path} flags=(attach_disconnected) { @{run}/udev/data/c13:@{int} r, # for /dev/input/* @{run}/udev/data/c116:@{int} r, # for ALSA - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{sys}/bus/hid/devices/ r, @{sys}/class/input/ r, diff --git a/apparmor.d/groups/gnome/gnome-music b/apparmor.d/groups/gnome/gnome-music index 69273720e..710393390 100644 --- a/apparmor.d/groups/gnome/gnome-music +++ b/apparmor.d/groups/gnome/gnome-music @@ -45,7 +45,7 @@ profile gnome-music @{exec_path} flags=(attach_disconnected) { owner @{user_share_dirs}/grilo-plugins/ rwk, owner @{user_share_dirs}/grilo-plugins/*.db{,-shm,-journal,-wal} rwk, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{tmp}/grilo-plugin-cache-[0-9A-Z]*/ rw, owner /var/tmp/etilqs_@{hex15} rw, diff --git a/apparmor.d/groups/gnome/gnome-session-binary b/apparmor.d/groups/gnome/gnome-session-binary index 2f00b527a..e08ae61d3 100644 --- a/apparmor.d/groups/gnome/gnome-session-binary +++ b/apparmor.d/groups/gnome/gnome-session-binary @@ -84,7 +84,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) { owner @{user_config_dirs}/gnome-session/ rw, owner @{user_config_dirs}/gnome-session/saved-session/ rw, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/systemd/sessions/* r, @{run}/systemd/sessions/*.ref rw, @{run}/systemd/users/@{uid} r, diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell index 256309abd..6950304fc 100644 --- a/apparmor.d/groups/gnome/gnome-shell +++ b/apparmor.d/groups/gnome/gnome-shell @@ -307,7 +307,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{run}/systemd/seats/seat@{int} r, @{run}/systemd/sessions/ r, @{run}/systemd/sessions/* r, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/udev/tags/seat/ r, diff --git a/apparmor.d/groups/gnome/gnome-software b/apparmor.d/groups/gnome/gnome-software index f5652135a..290aa4454 100644 --- a/apparmor.d/groups/gnome/gnome-software +++ b/apparmor.d/groups/gnome/gnome-software @@ -108,7 +108,7 @@ profile gnome-software @{exec_path} { owner /dev/shm/flatpak-com.*/ rw, owner /dev/shm/flatpak-com.*/.flatpak-tmpdir rw, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/systemd/sessions/@{int} r, @{run}/systemd/users/@{uid} r, diff --git a/apparmor.d/groups/gnome/gsd-media-keys b/apparmor.d/groups/gnome/gsd-media-keys index 9a799d444..6ed820866 100644 --- a/apparmor.d/groups/gnome/gsd-media-keys +++ b/apparmor.d/groups/gnome/gsd-media-keys @@ -96,7 +96,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) { owner @{user_share_dirs}/recently-used.xbel{,.*} rw, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/udev/data/+sound:card@{int} r, # For sound card @{run}/udev/data/c13:@{int} r, # for /dev/input/* diff --git a/apparmor.d/groups/gnome/gsd-power b/apparmor.d/groups/gnome/gsd-power index 2c21bc4fd..0f4b3cd3c 100644 --- a/apparmor.d/groups/gnome/gsd-power +++ b/apparmor.d/groups/gnome/gsd-power @@ -64,7 +64,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) { @{run}/udev/data/+drm:card@{int}-* r, # For screen outputs @{run}/udev/data/+leds:* r, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{sys}/bus/ r, @{sys}/class/ r, diff --git a/apparmor.d/groups/kde/kde-powerdevil b/apparmor.d/groups/kde/kde-powerdevil index 64371caaa..a37fea7a0 100644 --- a/apparmor.d/groups/kde/kde-powerdevil +++ b/apparmor.d/groups/kde/kde-powerdevil @@ -46,7 +46,7 @@ profile kde-powerdevil @{exec_path} flags=(attach_disconnected mediate_deleted) owner @{user_config_dirs}/powermanagementprofilesrc.lock rwk, owner @{user_config_dirs}/powermanagementprofilesrc{,.@{rand6}} rwl -> @{user_config_dirs}/#@{int}, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/udev/data/c189:@{int} r, # for /dev/bus/usb/** owner @{run}/user/@{uid}kcrash_@{int} rw, diff --git a/apparmor.d/groups/kde/ksmserver b/apparmor.d/groups/kde/ksmserver index 5f6c9ceb6..f768cad0c 100644 --- a/apparmor.d/groups/kde/ksmserver +++ b/apparmor.d/groups/kde/ksmserver @@ -69,7 +69,7 @@ profile ksmserver @{exec_path} flags=(attach_disconnected,mediate_deleted) { owner @{tmp}/@{rand6} rw, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{run}/user/@{uid}/KSMserver__[0-9] rw, /dev/tty r, diff --git a/apparmor.d/groups/kde/kwin_wayland b/apparmor.d/groups/kde/kwin_wayland index 7bed8beca..95abaa2a6 100644 --- a/apparmor.d/groups/kde/kwin_wayland +++ b/apparmor.d/groups/kde/kwin_wayland @@ -103,7 +103,7 @@ profile kwin_wayland @{exec_path} flags=(attach_disconnected mediate_deleted) { owner @{user_share_dirs}/kscreen/* r, owner @{user_share_dirs}/kwin/scripts/{,**} r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{sys}/bus/ r, @{sys}/class/ r, diff --git a/apparmor.d/groups/network/ModemManager b/apparmor.d/groups/network/ModemManager index fad5908b4..06e0c0fe5 100644 --- a/apparmor.d/groups/network/ModemManager +++ b/apparmor.d/groups/network/ModemManager @@ -34,7 +34,7 @@ profile ModemManager @{exec_path} flags=(attach_disconnected) { @{run}/udev/data/c5:@{int} r, # for /dev/tty, /dev/console, /dev/ptmx @{run}/udev/data/n@{int} r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{sys}/bus/ r, @{sys}/bus/usb/devices/ r, diff --git a/apparmor.d/groups/network/NetworkManager b/apparmor.d/groups/network/NetworkManager index e5e9b0785..f8612b4dc 100644 --- a/apparmor.d/groups/network/NetworkManager +++ b/apparmor.d/groups/network/NetworkManager @@ -122,7 +122,7 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) { @{run}/NetworkManager/{,**} rw, @{run}/nm-*.pid rw, @{run}/nscd/db* rwl, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/systemd/users/@{uid} r, @{run}/udev/data/+pci:* r, # Identifies all PCI devices (CPU, GPU, Network, Disks, USB, etc.) @{run}/udev/data/+platform:* r, diff --git a/apparmor.d/groups/network/mullvad-gui b/apparmor.d/groups/network/mullvad-gui index 7533b107c..48534d676 100644 --- a/apparmor.d/groups/network/mullvad-gui +++ b/apparmor.d/groups/network/mullvad-gui @@ -32,7 +32,7 @@ profile mullvad-gui @{exec_path} flags=(attach_disconnected) { owner @{tmp}/.org.chromium.Chromium.@{rand6}/@{name}*.png rw, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, /dev/tty rw, diff --git a/apparmor.d/groups/systemd/systemd-inhibit b/apparmor.d/groups/systemd/systemd-inhibit index 755cfe5ee..01b3e0bcd 100644 --- a/apparmor.d/groups/systemd/systemd-inhibit +++ b/apparmor.d/groups/systemd/systemd-inhibit @@ -18,7 +18,7 @@ profile systemd-inhibit @{exec_path} flags=(attach_disconnected) { @{bin}/cat rix, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, include if exists } diff --git a/apparmor.d/groups/systemd/systemd-logind b/apparmor.d/groups/systemd/systemd-logind index 9a0a2c7d7..8db1923e5 100644 --- a/apparmor.d/groups/systemd/systemd-logind +++ b/apparmor.d/groups/systemd/systemd-logind @@ -96,7 +96,7 @@ profile systemd-logind @{exec_path} flags=(attach_disconnected) { @{run}/systemd/inhibit/ rw, @{run}/systemd/inhibit/.#* rw, - @{run}/systemd/inhibit/[0-9]*{,.ref} rw, + @{run}/systemd/inhibit/@{int}{,.ref} rw, @{run}/systemd/journal/socket rw, @{run}/systemd/notify rw, @{run}/systemd/seats/ rw, diff --git a/apparmor.d/groups/ubuntu/update-manager b/apparmor.d/groups/ubuntu/update-manager index 0ee70c39b..2811b16e3 100644 --- a/apparmor.d/groups/ubuntu/update-manager +++ b/apparmor.d/groups/ubuntu/update-manager @@ -70,7 +70,7 @@ profile update-manager @{exec_path} flags=(attach_disconnected) { owner @{user_cache_dirs}/update-manager-core/{,**} rw, - @{run}/systemd/inhibit/*.ref w, + @{run}/systemd/inhibit/@{int}.ref rw, @{PROC}/@{pids}/mountinfo r, owner @{PROC}/@{pid}/fd/ r, diff --git a/apparmor.d/groups/virt/libvirtd b/apparmor.d/groups/virt/libvirtd index a755c1672..4f8c76a81 100644 --- a/apparmor.d/groups/virt/libvirtd +++ b/apparmor.d/groups/virt/libvirtd @@ -157,7 +157,7 @@ profile libvirtd @{exec_path} flags=(attach_disconnected) { @{run}/libvirt/** rwk, @{run}/libvirtd.pid wk, @{run}/lock/LCK.._pts_@{int} rw, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/systemd/notify w, @{run}/utmp rk, diff --git a/apparmor.d/groups/virt/virtinterfaced b/apparmor.d/groups/virt/virtinterfaced index 96d135912..ccda93f6b 100644 --- a/apparmor.d/groups/virt/virtinterfaced +++ b/apparmor.d/groups/virt/virtinterfaced @@ -20,7 +20,7 @@ profile virtinterfaced @{exec_path} flags=(attach_disconnected) { @{lib}/gconv/gconv-modules rm, @{lib}/gconv/gconv-modules.d/{,*} r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{run}/user/@{uid}/libvirt/common/system.token rwk, owner @{run}/user/@{uid}/libvirt/interface/ rw, owner @{run}/user/@{uid}/libvirt/interface/run/{,*} rwk, diff --git a/apparmor.d/groups/virt/virtlogd b/apparmor.d/groups/virt/virtlogd index b06ad67f1..0cb7202ee 100644 --- a/apparmor.d/groups/virt/virtlogd +++ b/apparmor.d/groups/virt/virtlogd @@ -30,7 +30,7 @@ profile virtlogd @{exec_path} flags=(attach_disconnected) { @{run}/libvirt/common/system.token rwk, @{run}/libvirt/virtlogd-sock rw, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/virtlogd.pid rwk, @{sys}/devices/system/node/ r, diff --git a/apparmor.d/groups/virt/virtnetworkd b/apparmor.d/groups/virt/virtnetworkd index a2c02368b..fa4e0a5d5 100644 --- a/apparmor.d/groups/virt/virtnetworkd +++ b/apparmor.d/groups/virt/virtnetworkd @@ -25,7 +25,7 @@ profile virtnetworkd @{exec_path} flags=(attach_disconnected) { owner /var/lib/libvirt/dnsmasq/*.macs* rw, @{run}/libvirt/network/default.pid r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/utmp rk, owner @{run}/libvirt/common/system.token rwk, owner @{run}/libvirt/network/{,**} rwk, diff --git a/apparmor.d/groups/virt/virtnodedevd b/apparmor.d/groups/virt/virtnodedevd index a39c04504..38f84a8eb 100644 --- a/apparmor.d/groups/virt/virtnodedevd +++ b/apparmor.d/groups/virt/virtnodedevd @@ -33,7 +33,7 @@ profile virtnodedevd @{exec_path} flags=(attach_disconnected) { /etc/libvirt/virtnodedevd.conf r, /etc/mdevctl.d/{,**} r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{run}/libvirt/common/system.token rwk, owner @{run}/libvirt/nodedev/ rw, owner @{run}/libvirt/nodedev/driver.pid wk, diff --git a/apparmor.d/groups/virt/virtsecretd b/apparmor.d/groups/virt/virtsecretd index cdded1152..f6c56ca10 100644 --- a/apparmor.d/groups/virt/virtsecretd +++ b/apparmor.d/groups/virt/virtsecretd @@ -20,7 +20,7 @@ profile virtsecretd @{exec_path} flags=(attach_disconnected) { owner @{user_config_dirs}/libvirt/secrets/ rw, owner @{user_config_dirs}/libvirt/secrets/run/{,*} rwk, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{run}/user/@{uid}/libvirt/common/system.token rwk, owner @{run}/user/@{uid}/libvirt/secrets/ rw, owner @{run}/user/@{uid}/libvirt/secrets/run/{,*} rwk, diff --git a/apparmor.d/groups/virt/virtstoraged b/apparmor.d/groups/virt/virtstoraged index 7c6f7207b..7130edfa6 100644 --- a/apparmor.d/groups/virt/virtstoraged +++ b/apparmor.d/groups/virt/virtstoraged @@ -55,7 +55,7 @@ profile virtstoraged @{exec_path} flags=(attach_disconnected) { owner @{run}/libvirt/storage/{,**} rwk, owner @{run}/virtstoraged.pid rwk, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/utmp rwk, @{sys}/devices/system/node/ r, diff --git a/apparmor.d/groups/xfce/xfce-power-manager b/apparmor.d/groups/xfce/xfce-power-manager index d286280f0..f0654ac68 100644 --- a/apparmor.d/groups/xfce/xfce-power-manager +++ b/apparmor.d/groups/xfce/xfce-power-manager @@ -21,7 +21,7 @@ profile xfce-power-manager @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/cgroup r, owner @{PROC}/@{pid}/stat r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, include if exists } diff --git a/apparmor.d/groups/xfce/xfce-screensaver b/apparmor.d/groups/xfce/xfce-screensaver index e441b84b8..aaa5f7fa4 100644 --- a/apparmor.d/groups/xfce/xfce-screensaver +++ b/apparmor.d/groups/xfce/xfce-screensaver @@ -25,7 +25,7 @@ profile xfce-screensaver @{exec_path} flags=(attach_disconnected) { /etc/xdg/menus/xfce4-screensavers.menu r, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, include if exists } diff --git a/apparmor.d/profiles-a-f/fprintd b/apparmor.d/profiles-a-f/fprintd index d856867a3..2c474b27b 100644 --- a/apparmor.d/profiles-a-f/fprintd +++ b/apparmor.d/profiles-a-f/fprintd @@ -28,7 +28,7 @@ profile fprintd @{exec_path} flags=(attach_disconnected) { /var/lib/fprint/{,**} rw, @{run}/systemd/journal/socket rw, - @{run}/systemd/inhibit/*.ref w, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/udev/data/c@{dynamic}:@{int} r, # For dynamic assignment range 234 to 254, 384 to 511 @{sys}/class/hidraw/ r, diff --git a/apparmor.d/profiles-a-f/fwupd b/apparmor.d/profiles-a-f/fwupd index 474ab630b..afb8bc367 100644 --- a/apparmor.d/profiles-a-f/fwupd +++ b/apparmor.d/profiles-a-f/fwupd @@ -98,7 +98,7 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) { @{run}/motd.d/@{int}-fwupd* rw, @{run}/motd.d/fwupd/{,**} rw, @{run}/mount/utab r, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/udev/data/* r, @{PROC}/@{pids}/fd/ r, diff --git a/apparmor.d/profiles-m-r/mission-control b/apparmor.d/profiles-m-r/mission-control index 267fb9d1a..a6f1e5803 100644 --- a/apparmor.d/profiles-m-r/mission-control +++ b/apparmor.d/profiles-m-r/mission-control @@ -24,7 +24,7 @@ profile mission-control @{exec_path} flags=(attach_disconnected) { owner @{user_config_dirs}/libaccounts-glib/accounts.db{,-shm,-wal} rwk, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, include if exists } diff --git a/apparmor.d/profiles-m-r/nvtop b/apparmor.d/profiles-m-r/nvtop index 54c9c5959..a27a9d0f9 100644 --- a/apparmor.d/profiles-m-r/nvtop +++ b/apparmor.d/profiles-m-r/nvtop @@ -23,7 +23,7 @@ profile nvtop @{exec_path} flags=(attach_disconnected) { owner @{user_config_dirs}/nvtop/{,**} rw, - @{run}/systemd/inhibit/*.ref r, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/udev/data/+drm:card@{int}-* r, # for screen outputs @{run}/udev/data/+pci:* r, # Identifies all PCI devices (CPU, GPU, Network, Disks, USB, etc.) @{run}/udev/data/c226:@{int} r, # For /dev/dri/card* diff --git a/apparmor.d/profiles-m-r/packagekitd b/apparmor.d/profiles-m-r/packagekitd index b61426196..7482cda65 100644 --- a/apparmor.d/profiles-m-r/packagekitd +++ b/apparmor.d/profiles-m-r/packagekitd @@ -93,7 +93,7 @@ profile packagekitd @{exec_path} flags=(attach_disconnected) { owner @{tmp}/apt-changelog-@{rand6}/.apt-acquire-privs-test.@{rand6} rw, owner @{tmp}/packagekit* rw, - @{run}/systemd/inhibit/*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{run}/systemd/users/@{uid} r, #aa:only opensuse diff --git a/apparmor.d/profiles-m-r/psi b/apparmor.d/profiles-m-r/psi index e764b69f8..30457cf04 100644 --- a/apparmor.d/profiles-m-r/psi +++ b/apparmor.d/profiles-m-r/psi @@ -59,7 +59,7 @@ profile psi @{exec_path} { owner @{tmp}/etilqs_@{hex16} rw, owner @{tmp}/Psi.* rwl -> /tmp/#@{int}, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/mountinfo r, diff --git a/apparmor.d/profiles-m-r/psi-plus b/apparmor.d/profiles-m-r/psi-plus index d9b1f7fd5..1427af278 100644 --- a/apparmor.d/profiles-m-r/psi-plus +++ b/apparmor.d/profiles-m-r/psi-plus @@ -59,7 +59,7 @@ profile psi-plus @{exec_path} { owner @{tmp}/etilqs_@{hex16} rw, owner @{tmp}/Psi+.* rwl -> /tmp/#@{int}, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/mountinfo r, diff --git a/apparmor.d/profiles-s-z/udisksd b/apparmor.d/profiles-s-z/udisksd index 83561941c..76be97683 100644 --- a/apparmor.d/profiles-s-z/udisksd +++ b/apparmor.d/profiles-s-z/udisksd @@ -107,7 +107,7 @@ profile udisksd @{exec_path} flags=(attach_disconnected) { @{run}/mount/utab{,.*} rwk, @{run}/udisks2/{,**} rw, @{run}/systemd/seats/seat@{int} r, - @{run}/systemd/inhibit/[0-9]*.ref rw, + @{run}/systemd/inhibit/@{int}.ref rw, @{run}/cryptsetup/ r, @{run}/cryptsetup/L* rwk,