feat(profile): add profiles for whoopsie.

apparmor.d/profiles-s-z/whoopsie

@@ -0,0 +1,31 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/whoopsie
+profile whoopsie @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/nameservice-strict>
+
+  capability setgid,
+  capability setuid,
+
+  @{exec_path} mr,
+
+  /var/crash/ r,
+
+  /var/lib/whoopsie/ rw,
+  /var/lib/whoopsie/whoopsie-id rw,
+  /var/lib/whoopsie/whoopsie-id.@{rand6} rw,
+
+  owner @{run}/lock/whoopsie/ rw,
+  owner @{run}/lock/whoopsie/lock rwk,
+
+  include if exists <local/whoopsie>
+}
+
+# vim:syntax=apparmor

apparmor.d/profiles-s-z/whoopsie-preferences

@@ -0,0 +1,34 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/whoopsie-preferences
+profile whoopsie-preferences @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/bus-system>
+  include <abstractions/nameservice-strict>
+
+  #aa:dbus own bus=system name=com.ubuntu.WhoopsiePreferences
+
+  @{exec_path} mr,
+
+  @{bin}/systemctl Cx -> systemctl,
+
+  /etc/whoopsie w,
+  /etc/whoopsie.@{rand6} rw,
+
+  profile systemctl {
+    include <abstractions/base>
+    include <abstractions/app/systemctl>
+
+    include if exists <local/whoopsie-preferences_systemctl>
+  }
+
+  include if exists <local/whoopsie-preferences>
+}
+
+# vim:syntax=apparmor

dists/flags/main.flags

@@ -404,6 +404,8 @@ waybar attach_disconnected,complain
 wechat attach_disconnected,complain
 wechat-appimage attach_disconnected,complain
 wg-quick complain
+whoopsie complain
+whoopsie-preferences complain
 wsdd complain
 xdg-dbus-proxy attach_disconnected,complain
 xdg-desktop-icon complain