From 806f0a64f820acaf211d50e77d42d972b8ee51a0 Mon Sep 17 00:00:00 2001 From: Roman Beslik Date: Fri, 4 Oct 2024 17:13:32 +0300 Subject: [PATCH] small fixes --- apparmor.d/profiles-a-f/briar-desktop | 12 +++++------- apparmor.d/profiles-a-f/briar-desktop-tor | 10 ++++------ 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/apparmor.d/profiles-a-f/briar-desktop b/apparmor.d/profiles-a-f/briar-desktop index 586c596b6..dbf0f9aa6 100644 --- a/apparmor.d/profiles-a-f/briar-desktop +++ b/apparmor.d/profiles-a-f/briar-desktop @@ -21,8 +21,6 @@ profile briar-desktop @{exec_path} { network inet6 dgram, network inet6 stream, - @{lib}/jvm/java*/lib/jspawnhelper Cx -> jspawnhelper, - ptrace read peer=briar-desktop-tor, ptrace read peer=@{profile_name}//jspawnhelper, @@ -30,14 +28,14 @@ profile briar-desktop @{exec_path} { @{lib}/jvm/java*/bin/java rix, @{lib}/jvm/java*/lib/** rm, + @{lib}/jvm/java*/lib/jspawnhelper Cx -> jspawnhelper, @{sh_path} mr, - @{system_share_dirs}/icons/{,**} r, @{system_share_dirs}/java/briar-desktop.jar r, - /etc/java*/{{logging,net,sound}.properties,security/java.{security,policy}} r, + /etc/java*/{,**} r, - owner @{HOME}/.briar/{,**} rw, + owner @{HOME}/.briar/desktop/{,**} rw, owner @{HOME}/.briar/desktop/db/db.mv.db k, owner @{HOME}/.java/{,.userPrefs/{,org/}} w, @@ -55,8 +53,8 @@ profile briar-desktop @{exec_path} { owner @{tmp}/hsperfdata_@{user}/ rw, owner @{tmp}/hsperfdata_@{user}/@{pid} rwk, - owner @{tmp}/imageio[0-9]*.tmp rw, - owner @{tmp}/jna[0-9]*.tmp mrw, + owner @{tmp}/imageio@{u64}.tmp rw, + owner @{tmp}/jna@{u64}.tmp mrw, @{sys}/devices/system/cpu/cpu@{int}/microcode/version r, @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/{cpu,memory}.max r, diff --git a/apparmor.d/profiles-a-f/briar-desktop-tor b/apparmor.d/profiles-a-f/briar-desktop-tor index 0bc07426d..90785e94a 100644 --- a/apparmor.d/profiles-a-f/briar-desktop-tor +++ b/apparmor.d/profiles-a-f/briar-desktop-tor 
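Review bot: Narrowing the data rule to `owner @{HOME}/.briar/desktop/{,**} rw,` in the `@@ -30,14 +28,14 @@` hunk leaves nothing in that hunk that permits creating `@{HOME}/.briar/` itself. On a fresh account the first launch may be denied when the application creates the parent directory; if no rule outside the hunk covers it, add `owner @{HOME}/.briar/ w,`. In the opposite direction, `/etc/java*/{,**} r,` replaces an explicit list of five files with the whole tree, and a short comment naming the files the JVM was denied would show the wider read is deliberate. The profile body continues outside the hunk.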
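Review bot: The rule `owner @{tmp}/jna@{u64}.tmp mrw,` in the `@@ -55,8 +53,8 @@` hunk keeps a file that is both writable and mappable as executable, and nothing beside it says why. The tighter `@{u64}` pattern is an improvement over `[0-9]*`, whose `*` matched any trailing characters. A comment such as `# JNA native library extracted at runtime; needs w and m on the same file` would make the W+X grant reviewable, assuming that is the reason for it.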
@@ -13,17 +13,15 @@ profile briar-desktop-tor { network inet6 stream, network netlink raw, - owner @{HOME}/.briar/desktop/tor/obfs4proxy Cx -> obfs4proxy, - owner @{HOME}/.briar/desktop/tor/snowflake Cx -> snowflake, - signal send set=term peer=briar-desktop-tor//obfs4proxy, signal send set=term peer=briar-desktop-tor//snowflake, - owner @{HOME}/.briar/desktop/tor/tor r, - - owner @{HOME}/.briar/desktop/tor/torrc r, owner @{HOME}/.briar/desktop/tor/.tor/{,**} rw, owner @{HOME}/.briar/desktop/tor/.tor/lock k, + owner @{HOME}/.briar/desktop/tor/obfs4proxy Cx -> obfs4proxy, + owner @{HOME}/.briar/desktop/tor/snowflake Cx -> snowflake, + owner @{HOME}/.briar/desktop/tor/tor r, + owner @{HOME}/.briar/desktop/tor/torrc r, @{PROC}/sys/kernel/random/uuid r,
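Review bot: The regrouped `Cx` targets `obfs4proxy` and `snowflake`, and the `tor` binary, all sit under `@{HOME}/.briar/desktop/tor/`, a path that briar-desktop can write through `owner @{HOME}/.briar/desktop/{,**} rw,` in the other file of this patch. The confined application can therefore replace binaries that this profile later executes, so containment rests entirely on the `obfs4proxy` and `snowflake` child profiles and on this one. If the write access is required because Briar unpacks these files itself (not visible here), say so above the block, e.g. `# binaries are unpacked by briar-desktop and are user-writable; keep the child profiles strict`. The profile continues outside the hunk.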