From d0eb140d5c0b22047729b61125f0381b5a23ef6e Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Fri, 19 Jan 2024 16:35:06 +0100
Subject: [PATCH 1/6] Update sddm: adding unix_chkpwd
---
 apparmor.d/groups/kde/sddm | 1 +
 1 file changed, 1 insertion(+)
diff --git a/apparmor.d/groups/kde/sddm b/apparmor.d/groups/kde/sddm
index 95172442..5fe4ad86 100644
--- a/apparmor.d/groups/kde/sddm
+++ b/apparmor.d/groups/kde/sddm
@@ -63,6 +63,7 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
 @{bin}/tty rix,
 @{bin}/xdm r,
 @{bin}/xmodmap rix,
+ @{bin}/unix_chkpwd rPx,
 @{bin}/kwin_wayland rPUx,
 @{bin}/sddm-greeter rPx,
From 4bad072ddd27854b6ba2c209732934e1f57201df Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Fri, 19 Jan 2024 16:36:18 +0100
Subject: [PATCH 2/6] Update needrestart: adding unix_chkpwd
---
 apparmor.d/profiles-m-r/needrestart | 1 +
 1 file changed, 1 insertion(+)
diff --git a/apparmor.d/profiles-m-r/needrestart b/apparmor.d/profiles-m-r/needrestart
index 904366c3..a82d9a2e 100644
--- a/apparmor.d/profiles-m-r/needrestart
+++ b/apparmor.d/profiles-m-r/needrestart
@@ -34,6 +34,7 @@ profile needrestart @{exec_path} flags=(attach_disconnected) {
 @{bin}/systemctl rPx -> child-systemctl,
 @{bin}/systemd-detect-virt rPx,
 @{bin}/udevadm rPx,
+ @{bin}/unix_chkpwd rPx,
 @{bin}/whiptail rPx,
 @{bin}/who rix,
 @{lib}/needrestart/iucode-scan-versions rPx,
From 056384ba90ba2490919de469d7429eabc81a3518 Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Fri, 19 Jan 2024 16:37:28 +0100
Subject: [PATCH 3/6] Update unix-chkpwd
---
 apparmor.d/profiles-s-z/unix-chkpwd | 1 +
 1 file changed, 1 insertion(+)
diff --git a/apparmor.d/profiles-s-z/unix-chkpwd b/apparmor.d/profiles-s-z/unix-chkpwd
index 4333ea13..1efa23f3 100644
--- a/apparmor.d/profiles-s-z/unix-chkpwd
+++ b/apparmor.d/profiles-s-z/unix-chkpwd
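Review bot: Nothing in patch 2/6 records why needrestart has to start the password-checking helper, so the added `@{bin}/unix_chkpwd rPx,` in apparmor.d/profiles-m-r/needrestart cannot be judged against least privilege later on. `rPx` itself is a sound choice, since the helper runs under its own profile rather than inheriting this one. A one-line comment above the rule naming the trigger, for example `# <code path that triggers the exec>`, or the denial line quoted in the commit message, would let a later reviewer decide whether the rule is still needed. The profile body continues outside the hunk.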
@@ -21,6 +21,7 @@ profile unix-chkpwd @{exec_path} {
 /etc/shadow r,
 # file_inherit
+ /dev/pts/@{int} rw,
 owner /dev/tty@{int} rw,
 include if exists
From a5db3d02d7b6d1c1a44d1b2143a3220ed4f5a061 Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Fri, 19 Jan 2024 16:39:24 +0100
Subject: [PATCH 4/6] Update polkitd: @{PROC}/@{pid}/fdinfo/@{int}
---
 apparmor.d/groups/freedesktop/polkitd | 1 +
 1 file changed, 1 insertion(+)
diff --git a/apparmor.d/groups/freedesktop/polkitd b/apparmor.d/groups/freedesktop/polkitd
index 9a6c0e19..8adf8909 100644
--- a/apparmor.d/groups/freedesktop/polkitd
+++ b/apparmor.d/groups/freedesktop/polkitd
@@ -58,6 +58,7 @@ profile polkitd @{exec_path} flags=(attach_disconnected) {
 @{PROC}/@{pids}/cgroup r,
 @{PROC}/@{pids}/cmdline r,
+ @{PROC}/@{pid}/fdinfo/@{int} r,
 @{PROC}/@{pids}/stat r,
 @{PROC}/@{pids}/task/@{tid}/stat r,
 @{PROC}/1/environ r,
From d44d2491b9ba8981b4f77c3bfb6dcfc94274369c Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Fri, 19 Jan 2024 16:44:21 +0100
Subject: [PATCH 5/6] Update btrfs
---
 apparmor.d/profiles-a-f/btrfs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/apparmor.d/profiles-a-f/btrfs b/apparmor.d/profiles-a-f/btrfs
index 8326bcab..4d7e3a70 100644
--- a/apparmor.d/profiles-a-f/btrfs
+++ b/apparmor.d/profiles-a-f/btrfs
@@ -41,13 +41,18 @@ profile btrfs @{exec_path} flags=(attach_disconnected) {
 @{run}/blkid/blkid.tab{,-@{rand6}} rw,
 @{run}/blkid/blkid.tab.old rwl -> @{run}/blkid/blkid.tab,
-
+ @{run}/snapper-tools-*/ r,
+ @{run}/snapper-tools-@{rand6}/@/.snapshots/@{int}/snapshot r,
+
+ @{sys}/fs/btrfs/@{uuid}/exclusive_operation r,
 @{sys}/fs/btrfs/@{uuid}/devinfo/@{int}/fsid r,
+ @{sys}/fs/btrfs/@{uuid}/devinfo/@{int}/scrub_speed_max r,
 @{PROC}/partitions r,
 owner @{PROC}/@{pid}/mounts r,
 /dev/btrfs-control rw,
+ /dev/pts/@{int} rw,
 /dev/tty@{int} rw,
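Review bot: The added `/dev/pts/@{int} rw,` in apparmor.d/profiles-s-z/unix-chkpwd (patch 3/6) has no `owner` qualifier, although the rule right after it, `owner /dev/tty@{int} rw,`, does. As written, a profile that also reads `/etc/shadow` may write to any pseudo-terminal, not only the caller's. If the inherited descriptor always belongs to the invoking user, `owner /dev/pts/@{int} rw,` would match the neighbouring rule. If `owner` cannot match because the helper runs with a different filesystem uid on some installs (an assumption to confirm), a short comment under `# file_inherit` saying so would keep the asymmetry from looking accidental. The same unqualified rule is added to apparmor.d/profiles-a-f/btrfs in patch 5/6, where the adjacent tty rule is also unqualified.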
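Review bot: The added `@{PROC}/@{pid}/fdinfo/@{int} r,` in apparmor.d/groups/freedesktop/polkitd (patch 4/6) is not limited by `owner`, so it covers descriptor metadata of any process whose pid matches, not only the daemon's own. The neighbouring rules use `@{pids}`, so the switch to `@{pid}` suggests that only polkitd's own entries are meant. If so, `owner @{PROC}/@{pid}/fdinfo/@{int} r,` says that explicitly, in the same form as `owner @{PROC}/@{pid}/mounts r,` in the btrfs profile of this series. If other processes' entries are intended, `@{pids}` would be consistent with the surrounding lines and a comment should say why they are needed. The profile body continues outside the hunk.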
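Review bot: In apparmor.d/profiles-a-f/btrfs (patch 5/6) the directory rule `@{run}/snapper-tools-*/ r,` uses a bare `*`, while the rule directly below it pins the same path component with `@{rand6}`. The looser glob accepts any suffix, so `@{run}/snapper-tools-@{rand6}/ r,` would keep the two rules consistent and equally narrow. Separately, `…/.snapshots/@{int}/snapshot r,` has no trailing slash and therefore matches only a non-directory object of that name. If `snapshot` is a directory here (not visible from the hunk), the rule needs to end in `snapshot/ r,` to take effect. The profile body continues outside the hunk.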
From 2e396c11f9d76b2a8b1e7a5dc291e7a106dffb2c Mon Sep 17 00:00:00 2001
From: curiosityseeker <60518106+curiosityseeker@users.noreply.github.com>
Date: Fri, 19 Jan 2024 18:14:23 +0100
Subject: [PATCH 6/6] Update login
---
 apparmor.d/profiles-g-l/login | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/apparmor.d/profiles-g-l/login b/apparmor.d/profiles-g-l/login
index 0e278b08..82177368 100644
--- a/apparmor.d/profiles-g-l/login
+++ b/apparmor.d/profiles-g-l/login
@@ -38,6 +38,7 @@ profile login @{exec_path} flags=(attach_disconnected) {
 @{exec_path} mr,
 @{bin}/{,z,ba,da}sh rUx,
+ @{bin}/unix_chkpwd rPx,
 @{etc_ro}/environment r,
 @{etc_ro}/security/limits.d/{,*} r,
@@ -55,7 +56,7 @@ profile login @{exec_path} flags=(attach_disconnected) {
 owner @{user_cache_dirs}/motd.legal-displayed rw,
- @{run}/motd.d/ r,
+ @{run}/motd.d/{,*} r,
 @{run}/dbus/system_bus_socket rw,
 @{run}/faillock/* rwk,
 @{run}/motd.dynamic{,.new} rw,