From a1d6d318ccaaa7790f685d3988a74ee5df752383 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Wed, 1 May 2024 12:11:43 +0100
Subject: [PATCH] feat(profile):  tweak the new msedge profiles a bit.

---
 apparmor.d/{profiles-m-r => groups/browsers}/msedge  | 12 ++++++++----
 .../browsers}/msedge-crashpad-handlers               |  0
 .../{profiles-m-r => groups/browsers}/msedge-sandbox |  2 +-
 .../{profiles-m-r => groups/browsers}/msedge-wrapper |  2 +-
 4 files changed, 10 insertions(+), 6 deletions(-)
 rename apparmor.d/{profiles-m-r => groups/browsers}/msedge (76%)
 rename apparmor.d/{profiles-m-r => groups/browsers}/msedge-crashpad-handlers (100%)
 rename apparmor.d/{profiles-m-r => groups/browsers}/msedge-sandbox (94%)
 rename apparmor.d/{profiles-m-r => groups/browsers}/msedge-wrapper (97%)

diff --git a/apparmor.d/profiles-m-r/msedge b/apparmor.d/groups/browsers/msedge
similarity index 76%
rename from apparmor.d/profiles-m-r/msedge
rename to apparmor.d/groups/browsers/msedge
index 6c92c17cd..bab7a9653 100644
--- a/apparmor.d/profiles-m-r/msedge
+++ b/apparmor.d/groups/browsers/msedge
@@ -9,7 +9,7 @@ include <tunables/global>
 
 @{name} = msedge{,-beta,-dev}
 @{domain} = com.microsoft.Edge
-@{lib_dirs} = /opt/microsoft/msedge{,-beta,-dev}
+@{lib_dirs} = /opt/microsoft/@{name}
 @{config_dirs} = @{user_config_dirs}/microsoft-edge{,-beta,-dev}
 @{cache_dirs} = @{user_cache_dirs}/microsoft-edge{,-beta,-dev}
 
@@ -19,19 +19,23 @@ profile msedge @{exec_path} {
   include <abstractions/app/chromium>
 
   @{exec_path} mrix,
-  @{lib_dirs}/microsoft-edge{,beta,-dev} rpx,
 
-  @{bin}/man  rpux, #  For "chrome --help"
+  @{bin}/man  rPUx, #  For "chrome --help"
 
   @{lib_dirs}/xdg-mime       rix, #-> xdg-mime,
   @{lib_dirs}/xdg-settings   rix, #-> xdg-settings,
  
-  @{lib_dirs}/msedge_crashpad_handler rpx,
+  @{lib_dirs}/microsoft-edge{,beta,-dev}  rPx,
+  @{lib_dirs}/msedge_crashpad_handler     rPx,
 
   @{lib_dirs}/*.so* mr,
   @{lib_dirs}/WidevineCdm/_platform_specific/linux_*/libwidevinecdm.so mr,
 
+  owner @{user_cache_dirs}/Microsoft/ rw,
   owner @{user_cache_dirs}/Microsoft/** rwk,
 
+  owner /tmp/.ses rw,
+  owner /tmp/cv_debug.log rw,
+
   include if exists <local/msedge>
 }
diff --git a/apparmor.d/profiles-m-r/msedge-crashpad-handlers b/apparmor.d/groups/browsers/msedge-crashpad-handlers
similarity index 100%
rename from apparmor.d/profiles-m-r/msedge-crashpad-handlers
rename to apparmor.d/groups/browsers/msedge-crashpad-handlers
diff --git a/apparmor.d/profiles-m-r/msedge-sandbox b/apparmor.d/groups/browsers/msedge-sandbox
similarity index 94%
rename from apparmor.d/profiles-m-r/msedge-sandbox
rename to apparmor.d/groups/browsers/msedge-sandbox
index f81921451..f708d2d46 100644
--- a/apparmor.d/profiles-m-r/msedge-sandbox
+++ b/apparmor.d/groups/browsers/msedge-sandbox
@@ -21,7 +21,7 @@ profile msedge-sandbox @{exec_path} {
 
   @{exec_path} mr,
 
-  @{lib_dirs}/msedge{,-beta,-dev}      rpx,
+  @{lib_dirs}/msedge{,-beta,-dev}      rPx,
 
         @{PROC} r,
         @{PROC}/@{pids}/ r,
diff --git a/apparmor.d/profiles-m-r/msedge-wrapper b/apparmor.d/groups/browsers/msedge-wrapper
similarity index 97%
rename from apparmor.d/profiles-m-r/msedge-wrapper
rename to apparmor.d/groups/browsers/msedge-wrapper
index b35fbdd36..e141cff73 100644
--- a/apparmor.d/profiles-m-r/msedge-wrapper
+++ b/apparmor.d/groups/browsers/msedge-wrapper
@@ -24,7 +24,7 @@ profile msedge-wrapper @{exec_path} flags=(attach_disconnected) {
   @{bin}/touch                 rix,
   @{bin}/which{,.debianutils}  rix,
 
-  @{lib_dirs}/msedge   rpx,
+  @{lib_dirs}/msedge   rPx,
 
   owner @{user_config_dirs}/msedge-flags.conf r,