From 80f5c50f139431b67cd81f25ebf42f177393d623 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sun, 13 Apr 2025 19:04:44 +0200
Subject: [PATCH] feat(profile): ensure flatpak can handle chromium based
 software.

fix  #715
---
 apparmor.d/groups/flatpak/flatpak-app | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/apparmor.d/groups/flatpak/flatpak-app b/apparmor.d/groups/flatpak/flatpak-app
index e332f50ca..397475a43 100644
--- a/apparmor.d/groups/flatpak/flatpak-app
+++ b/apparmor.d/groups/flatpak/flatpak-app
@@ -41,12 +41,12 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) {
   network netlink raw,
   network unix stream,
 
-  ptrace (read),
+  ptrace read,
   ptrace trace peer=flatpak-app,
 
   signal receive peer=flatpak,
   signal receive set=(int term) peer=flatpak-portal,
-  signal receive set=(int) peer=flatpak-session-helper,
+  signal receive set=(int term) peer=flatpak-session-helper,
 
   @{bin}/**                            rmix,
   @{lib}/**                            rmix,
@@ -57,6 +57,7 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) {
   /var/lib/flatpak/app/*/**/@{bin}/**  rmix,
   /var/lib/flatpak/app/*/**/@{lib}/**  rmix,
 
+  @{run}/flatpak/app/*/.org.chromium.Chromium.@{rand6} rm,
   @{run}/flatpak/app/*/**so*           rm,
   @{run}/parent/@{bin}/**              rmix,
   @{run}/parent/@{lib}/**              rmix,