From 4a37cd11490c23eda8b784a7be39416a6ae64b48 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sun, 3 Jul 2022 20:29:45 +0100
Subject: [PATCH] feat(profiles): add software-properties-gtk &
 ubuntu-advantage.

---
 .../groups/ubuntu/software-properties-gtk     | 36 +++++++++++++++++++
 apparmor.d/groups/ubuntu/ubuntu-advantage     | 24 +++++++++++++
 dists/flags/ubuntu.flags                      |  5 +++
 3 files changed, 65 insertions(+)
 create mode 100644 apparmor.d/groups/ubuntu/software-properties-gtk
 create mode 100644 apparmor.d/groups/ubuntu/ubuntu-advantage

diff --git a/apparmor.d/groups/ubuntu/software-properties-gtk b/apparmor.d/groups/ubuntu/software-properties-gtk
new file mode 100644
index 00000000..4953d5d1
--- /dev/null
+++ b/apparmor.d/groups/ubuntu/software-properties-gtk
@@ -0,0 +1,36 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2022 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = /{usr/,}bin/software-properties-gtk
+profile software-properties-gtk @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/apt-common>
+  include <abstractions/python>
+  include <abstractions/fonts>
+  include <abstractions/openssl>
+
+  @{exec_path} mr,
+
+  /{usr/,}bin/aplay                    rPx,
+  /{usr/,}bin/apt-key                  rPx,
+  /{usr/,}bin/dpkg                     rPx -> child-dpkg,
+  /{usr/,}bin/lsb_release              rPx -> lsb_release,
+  /{usr/,}bin/ubuntu-advantage         rPx,
+
+  /usr/share/icons/{,**} r,
+  /usr/share/ubuntu-drivers-common/detect/{,**} r,
+
+  /etc/machine-id r,
+
+  owner @{PROC}/@{pid}/fd/ r,
+
+  @{sys}/devices/ r,
+  @{sys}/devices/**/ r,
+
+  include if exists <local/software-properties-gtk>
+}
\ No newline at end of file
diff --git a/apparmor.d/groups/ubuntu/ubuntu-advantage b/apparmor.d/groups/ubuntu/ubuntu-advantage
new file mode 100644
index 00000000..57338fed
--- /dev/null
+++ b/apparmor.d/groups/ubuntu/ubuntu-advantage
@@ -0,0 +1,24 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2022 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = /{usr/,}bin/ubuntu-advantage
+profile ubuntu-advantage @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/apt-common>
+  include <abstractions/nameservice-strict>
+  include <abstractions/python>
+  include <abstractions/ssl_certs> 
+
+  @{exec_path} mr,
+
+  /{usr/,}bin/dpkg                     rPx -> child-dpkg,
+
+  owner @{PROC}/@{pid}/fd/ r,
+
+  include if exists <local/ubuntu-advantage>
+}
\ No newline at end of file
diff --git a/dists/flags/ubuntu.flags b/dists/flags/ubuntu.flags
index 0bcf03fd..047990aa 100644
--- a/dists/flags/ubuntu.flags
+++ b/dists/flags/ubuntu.flags
@@ -3,12 +3,17 @@ apport-gtk complain
 apt-esm-hook complain
 apt-esm-json-hook complain
 check-new-release-gtk complain
+do-release-upgrade complain
 hwe-support-status complain
 list-oem-metapackages complain
 livepatch-notification complain
+notify-reboot-required complain
 package-system-locked attach_disconnected,complain
 packagekitd complain
 release-upgrade-motd complain
+software-properties-gtk
+software-properties-gtk complain
+ubuntu-advantage complain
 ubuntu-advantage-notification complain
 ubuntu-report complain
 update-manager attach_disconnected,complain