From 97676dcf711dfb43c402195a7e9ba6dd85facba6 Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Sun, 22 Sep 2024 12:40:42 +0200
Subject: [PATCH] Update sudo

Condensing requests like:

@{sys}/fs/cgroup/{hostcritical,system,unevictable,user}.slice/*.service/cgroup.procs r,
@{sys}/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs r,
@{sys}/fs/cgroup/user.slice/user-1000.slice/user@1000.service/cgroup.procs r,
@{sys}/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs r,
@{sys}/fs/cgroup/user.slice/user-1000.slice/user@1000.service/cgroup.procs r,
@{sys}/fs/cgroup/user.slice/user-968.slice/user@968.service/cgroup.procs r,
---
 apparmor.d/profiles-s-z/sudo | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apparmor.d/profiles-s-z/sudo b/apparmor.d/profiles-s-z/sudo
index 6f01bc8f0..9574b98d1 100644
--- a/apparmor.d/profiles-s-z/sudo
+++ b/apparmor.d/profiles-s-z/sudo
@@ -48,6 +48,8 @@ profile sudo @{exec_path} flags=(attach_disconnected) {
   @{run}/systemd/sessions/* r,
   @{run}/systemd/sessions/?@{int}.ref rw,
 
+  @{sys}/fs/cgroup/*.slice{,/*.slice}/*.service/cgroup.procs r,
+
   include if exists <local/sudo>
 }