From ee328f727b5e96e84ea871c2adee46bd7240db42 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sun, 17 Dec 2023 17:33:42 +0000
Subject: [PATCH] fix(gpg): due to how apt keyring is managed, the generic gpg
 needs apt keyring access.

fix #265
---
 apparmor.d/groups/gpg/gpg | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/apparmor.d/groups/gpg/gpg b/apparmor.d/groups/gpg/gpg
index 9fe2e6682..3db58b3bc 100644
--- a/apparmor.d/groups/gpg/gpg
+++ b/apparmor.d/groups/gpg/gpg
@@ -39,6 +39,10 @@ profile gpg @{exec_path} {
   owner @{user_projects_dirs}/**/gnupg/ rw,
   owner @{user_projects_dirs}/**/gnupg/** rwkl -> @{user_projects_dirs}/**/gnupg/**,
 
+  # only: apt
+  owner /etc/apt/keyrings/ rw,
+  owner /etc/apt/keyrings/** rwkl -> /etc/apt/keyrings/**,
+
   owner /var/lib/*/gnupg/ rw,
   owner /var/lib/*/gnupg/** rwkl -> /var/lib/*/gnupg/**,