From 7ecc84d3b0e13f5d346a906dceda14321fddae1a Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Mon, 25 Aug 2025 00:04:15 +0200
Subject: [PATCH] feat(tunable): add pp tunable, improve dbus tunables.

---
 apparmor.d/tunables/multiarch.d/profiles | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/apparmor.d/tunables/multiarch.d/profiles b/apparmor.d/tunables/multiarch.d/profiles
index 6868ae87a..d4fefb0b0 100644
--- a/apparmor.d/tunables/multiarch.d/profiles
+++ b/apparmor.d/tunables/multiarch.d/profiles
@@ -16,8 +16,8 @@
 # Name of the dbus daemon profiles
 @{p_dbus_accessibility}=dbus-accessibility
 #aa:only apparmor4.1
-@{p_dbus_system}={dbus-system,dbus-system//&unconfined}
-@{p_dbus_session}={dbus-session,dbus-session//&unconfined}
+@{p_dbus_system}={dbus-system,unconfined}
+@{p_dbus_session}={dbus-session,unconfined}
 
 #aa:exclude apparmor4.1
 @{p_dbus_system}=dbus-system
@@ -68,5 +68,12 @@
 @{p_upowerd}=upowerd
 @{p_xdg_desktop_portal}=xdg-desktop-portal
 
+# Profiles Patterns
+# Fit to an action that can be handled by multiple profiles depending on the software installed and the distribution
+
+# Notification
+@{pp_notification}={plasmashell,gjs-console}
+@{pp_app_indicator}={plasmashell,gnome-shell}
+@{pp_dbusmenu}={plasmashell,nautilus}
 
 # vim:syntax=apparmor