{ buildGoModule, fetchFromGitHub, git, lib, unstableGitUpdater }: 
buildGoModule {
  pname = "apparmor-d";
  version = "unstable-2024-10-12";

  src = fetchFromGitHub {
    rev = "93269e0596a8d416a9ee647146c983115da2f346";
    owner = "roddhjav";
    repo = "apparmor.d";
    hash = "sha256-x8vnKEx/HZOweVX2Fu8ydGVpnS4gxsVJBbUWtKuwMUM=";
  };

  vendorHash = "sha256-YkOcpzn5AKFMDWUYbKY8DzGMiIMSyaDfexFmXv5HNQI=";
  
  doCheck = false;

  nativeBuildInputs = [ git ];

  patches = [
    ./apparmor-d-paths.patch
  ];

  subPackages = [
    "cmd/prebuild"
    "cmd/aa-log"
  ];

  passthru.updateScript = unstableGitUpdater { };

  postInstall = ''
    mkdir -p $out/etc
    
    DISTRIBUTION=arch $out/bin/prebuild --abi 4 # fixme: replace with nixos support once available
    
    mv .build/apparmor.d $out/etc
    rm $out/bin/prebuild
  '';

  meta = {
    description = "Full set of AppArmor profiles (~ 1500 profiles) ";
    homepage = "https://github.com/roddhjav/apparmor.d";
    license = lib.licenses.gpl2Only;
    mainProgram = "aa-log";
    maintainers = with lib.maintainers; [ grimmauld ];
    platforms = lib.platforms.linux;
  };
}