From bdd5c41d00b7fc7d051dec2f528176c2c2d2a8e8 Mon Sep 17 00:00:00 2001
From: valoq <valoq@mailbox.org>
Date: Wed, 6 Aug 2025 14:03:31 +0200
Subject: [PATCH] add profiles for wayland screen capture tools

---
 apparmor.d/profiles-g-l/grim  | 21 +++++++++++++++++++++
 apparmor.d/profiles-s-z/slurp | 23 +++++++++++++++++++++++
 2 files changed, 44 insertions(+)
 create mode 100644 apparmor.d/profiles-g-l/grim
 create mode 100644 apparmor.d/profiles-s-z/slurp

diff --git a/apparmor.d/profiles-g-l/grim b/apparmor.d/profiles-g-l/grim
new file mode 100644
index 000000000..0ded3d315
--- /dev/null
+++ b/apparmor.d/profiles-g-l/grim
@@ -0,0 +1,21 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/grim
+profile grim @{exec_path} {
+  include <abstractions/base>
+  include <abstraction/user-write-strict>
+
+  @{exec_path} mr,
+
+  owner /dev/shm/grim-@{rand6} rw,
+
+  include if exists <local/grim>
+}
+
+# vim:syntax=apparmor
diff --git a/apparmor.d/profiles-s-z/slurp b/apparmor.d/profiles-s-z/slurp
new file mode 100644
index 000000000..8d5bcc217
--- /dev/null
+++ b/apparmor.d/profiles-s-z/slurp
@@ -0,0 +1,23 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/slurp
+profile slurp @{exec_path} {
+  include <abstractions/base>
+  
+  @{exec_path} mr,
+
+  /usr/share/icons/{,**} r,
+
+# often used in combination with grim screen cature tool
+  owner /dev/shm/grim-@{rand6} rw,
+
+  include if exists <local/slurp>
+}
+
+# vim:syntax=apparmor