From dd14fe871d0fde1fcfa03c1998fd664eb0e62593 Mon Sep 17 00:00:00 2001
From: Besanon <m231009ts@mailfence.com>
Date: Mon, 21 Oct 2024 14:19:52 +0200
Subject: [PATCH] Update startlxqt

---
 apparmor.d/groups/lxqt/startlxqt | 48 ++++++++++++++++++++++----------
 1 file changed, 33 insertions(+), 15 deletions(-)

diff --git a/apparmor.d/groups/lxqt/startlxqt b/apparmor.d/groups/lxqt/startlxqt
index 9691e294d..d03cf81d9 100644
--- a/apparmor.d/groups/lxqt/startlxqt
+++ b/apparmor.d/groups/lxqt/startlxqt
@@ -1,6 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
-# Copyright (C) 2024 Besanon <m231009ts@mailfence.com>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -10,8 +9,9 @@ include <tunables/global>
 @{exec_path} = @{bin}/startlxqt
 profile startlxqt @{exec_path} {
   include <abstractions/base>
+  include <abstractions/consoles>
   include <abstractions/freedesktop.org>
-  include <abstractions/fontconfig-cache-read>
+  include <abstractions/fontconfig-cache-read> 
   include <abstractions/qt5>
   include <abstractions/X-strict>
 
@@ -21,20 +21,23 @@ profile startlxqt @{exec_path} {
 
   @{bin}/xrdb               rPx,
   @{bin}/xsetroot           rPx,
-  @{bin}/xprop              rpx,
-  @{bin}/mkdir              rix,
-  @{bin}/dbus-launch        rPx,
-  @{bin}/lxqt-session       rPx,
-  @{sh_path}                rix,
+  @{bin}/xprop 		    rpx,
+  @{bin}/mkdir		    rix,
+  @{bin}/dbus-launch 	    rPx,
+  @{sh_path}		    rix,
+  @{bin}/lxqt-session 	    rPx,
+
+  @{bin}/systemctl                           rCx -> systemctl,
+  @{bin}/dbus-update-activation-environment  rCx -> dbus,
 
   /usr/share/color-schemes/{,**} r,
   /usr/share/desktop-directories/{,**} r,
   /usr/share/icu/@{int}.@{int}/*.dat r,
+  /usr/share/kservices5/{,**} r,
   /usr/share/mime/{,**} r,
 
   /etc/locale.alias r,
   /etc/machine-id r,
-  /etc/xdg/kdeglobals r,
   /etc/xdg/menus/{,**} r,
 
   @{HOME}/ r,
@@ -42,14 +45,17 @@ profile startlxqt @{exec_path} {
 
   owner @{user_cache_dirs}/ rw,
   owner @{user_cache_dirs}/#@{int} rw,
-        @{user_cache_dirs}/ksycoca5_* rwkl -> @{user_cache_dirs}/#@{int},
+  @{user_cache_dirs}/ksycoca5_* rwkl -> @{user_cache_dirs}/#@{int},
 
   owner @{user_config_dirs}/#@{int} rw,
   owner @{user_config_dirs}/gtkrc rl,
   owner @{user_config_dirs}/gtkrc-2.0 rl,
+  owner @{user_config_dirs}/kcminputrc r,
   owner @{user_config_dirs}/lxqt/ rw,
+  owner @{user_config_dirs}/lxqt/** rwkl -> @{user_config_dirs}/kdedefaults/**,
   owner @{user_config_dirs}/menus/{,**} r,
 
+  owner @{user_share_dirs}/kservices5/{,**} r,
   owner @{user_share_dirs}/sddm/wayland-session.log rw,
   owner @{user_share_dirs}/sddm/xorg-session.log rw,
 
@@ -65,10 +71,22 @@ profile startlxqt @{exec_path} {
   /dev/tty rw,
   /dev/tty@{int} rw,
 
-  include if exists <local/startlxqt>
+  profile systemctl flags=(attach_disconnected) {
+    include <abstractions/base>
+    include <abstractions/app/systemctl>
+  
+    include if exists <local/startlxqt_systemctl>
+  }
+
+  profile dbus {
+    include <abstractions/base>
+
+    @{bin}/dbus-update-activation-environment mr,
+
+    owner @{HOME}/.xsession-errors w,
+
+    include if exists <local/startlxqt_dbus>
+  }
+
+
 }
-
-# vim:syntax=apparmor
-
-
-