From 19521569ce241ccaafeb84f36b887f800a1f3b0b Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sun, 4 Apr 2021 01:13:25 +0100
Subject: [PATCH] Complete ss_cert abstraction.

---
 apparmor.d/abstractions/ssl_certs.d/complete | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 apparmor.d/abstractions/ssl_certs.d/complete

diff --git a/apparmor.d/abstractions/ssl_certs.d/complete b/apparmor.d/abstractions/ssl_certs.d/complete
new file mode 100644
index 00000000..0bab5773
--- /dev/null
+++ b/apparmor.d/abstractions/ssl_certs.d/complete
@@ -0,0 +1,13 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+  /etc/ca-certificates/{,**} r,
+  /etc/{,libre}ssl/ r,
+  /etc/{,libre}ssl/cert.pem r,
+  /etc/{,libre}ssl/certs/{,**} r,
+  /etc/pki/trust/{,*} r,
+  /etc/pki/trust/anchors/{,**} r,
+  /usr/share/ca-certificates/{,**} r,
+  /usr/local/share/ca-certificates/{,**} r,
+  /var/lib/ca-certificates/{,**} r,