feat(groups/{u,v,w,x}*): vim syntax support

Add vim modeline instructing the editor to use syntax plugin provided by apparmor. Continuation of #395 to keep the diff list relatively short.
2025-01-18 00:48:10 +01:00 · 2024-06-16 17:28:45 +03:00 · 2024-06-16 17:28:45 +03:00 · 68d1222029
commit 68d1222029
parent f1a0349978
126 changed files with 348 additions and 96 deletions
--- a/apparmor.d/groups/ubuntu/apport
+++ b/apparmor.d/groups/ubuntu/apport
@ -53,4 +53,6 @@ profile apport @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pid}/fd/ r,

  include if exists <local/apport>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/apport-checkreports
+++ b/apparmor.d/groups/ubuntu/apport-checkreports
@ -29,4 +29,6 @@ profile apport-checkreports @{exec_path} flags=(attach_disconnected)  {
  @{run}/apport.lock rwk,

  include if exists <local/apport-checkreports>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/apport-gtk
+++ b/apparmor.d/groups/ubuntu/apport-gtk
@ -129,3 +129,5 @@ profile apport-gtk @{exec_path} {

  include if exists <local/apport-gtk>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/apt-esm-hook
+++ b/apparmor.d/groups/ubuntu/apt-esm-hook
@ -25,4 +25,6 @@ profile apt-esm-hook @{exec_path} {
        @{PROC}/@{pids}/cmdline r,

  include if exists <local/apt-esm-hook>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/apt-esm-json-hook
+++ b/apparmor.d/groups/ubuntu/apt-esm-json-hook
@ -28,4 +28,6 @@ profile apt-esm-json-hook @{exec_path} {
  owner @{PROC}/@{pid}/fd/ r,

  include if exists <local/apt-esm-json-hook>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/check-new-release-gtk
+++ b/apparmor.d/groups/ubuntu/check-new-release-gtk
@ -58,3 +58,5 @@ profile check-new-release-gtk @{exec_path} {

  include if exists <local/check-new-release-gtk>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/cron-ubuntu-fan
+++ b/apparmor.d/groups/ubuntu/cron-ubuntu-fan
@ -30,4 +30,6 @@ profile cron-ubuntu-fan @{exec_path} {
  @{run}/ubuntu-fan/.lock rwk,

  include if exists <local/cron-ubuntu-fan>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/do-release-upgrade
+++ b/apparmor.d/groups/ubuntu/do-release-upgrade
@ -43,4 +43,6 @@ profile do-release-upgrade @{exec_path} {
        @{PROC}/@{pids}/mountinfo r,

  include if exists <local/do-release-upgrade>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/hwe-support-status
+++ b/apparmor.d/groups/ubuntu/hwe-support-status
@ -22,4 +22,6 @@ profile hwe-support-status @{exec_path} {
  owner @{PROC}/@{pid}/fd/ r,

  include if exists <local/hwe-support-status>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/list-oem-metapackages
+++ b/apparmor.d/groups/ubuntu/list-oem-metapackages
@ -29,4 +29,6 @@ profile list-oem-metapackages @{exec_path} {
        @{PROC}/@{pids}/mountinfo r,

  include if exists <local/list-oem-metapackages>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/livepatch-notification
+++ b/apparmor.d/groups/ubuntu/livepatch-notification
@ -26,4 +26,6 @@ profile livepatch-notification @{exec_path} {
  @{run}/user/@{uid}/gdm/Xauthority r,

  include if exists <local/livepatch-notification>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/notify-reboot-required
+++ b/apparmor.d/groups/ubuntu/notify-reboot-required
@ -23,4 +23,6 @@ profile notify-reboot-required @{exec_path} {
  @{run}/reboot-required.pkgs rw,

  include if exists <local/notify-reboot-required>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/notify-updates-outdated
+++ b/apparmor.d/groups/ubuntu/notify-updates-outdated
@ -17,4 +17,6 @@ profile notify-updates-outdated @{exec_path} {
  @{bin}/gettext     rix,

  include if exists <local/notify-updates-outdated>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/package-data-downloader
+++ b/apparmor.d/groups/ubuntu/package-data-downloader
@ -20,4 +20,6 @@ profile package-data-downloader @{exec_path} {
  /usr/share/package-data-downloads/ r,

  include if exists <local/package-data-downloader>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/package-system-locked
+++ b/apparmor.d/groups/ubuntu/package-system-locked
@ -35,4 +35,6 @@ profile package-system-locked @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pid}/stat r,

  include if exists <local/package-system-locked>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/pro
+++ b/apparmor.d/groups/ubuntu/pro
@ -15,4 +15,6 @@ profile pro @{exec_path} {
  @{exec_path} mr,

  include if exists <local/pro>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/release-upgrade-motd
+++ b/apparmor.d/groups/ubuntu/release-upgrade-motd
@ -26,3 +26,5 @@ profile release-upgrade-motd @{exec_path} {

  include if exists <local/release-upgrade-motd>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/software-properties-dbus
+++ b/apparmor.d/groups/ubuntu/software-properties-dbus
@ -48,3 +48,5 @@ profile software-properties-dbus @{exec_path} {

  include if exists <local/software-properties-dbus>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/software-properties-gtk
+++ b/apparmor.d/groups/ubuntu/software-properties-gtk
@ -96,3 +96,5 @@ profile software-properties-gtk @{exec_path} {

  include if exists <local/software-properties-gtk>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/subiquity-console-conf
+++ b/apparmor.d/groups/ubuntu/subiquity-console-conf
@ -113,3 +113,5 @@ profile subiquity-console-conf @{exec_path} {

  include if exists <local/subiquity-console-conf>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/ubuntu-advantage
+++ b/apparmor.d/groups/ubuntu/ubuntu-advantage
@ -90,4 +90,6 @@ profile ubuntu-advantage @{exec_path} {
  }

  include if exists <local/ubuntu-advantage>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/ubuntu-advantage-desktop-daemon
+++ b/apparmor.d/groups/ubuntu/ubuntu-advantage-desktop-daemon
@ -33,4 +33,6 @@ profile ubuntu-advantage-desktop-daemon @{exec_path} flags=(attach_disconnected)
  /var/lib/ubuntu-advantage/{,**} r,

  include if exists <local/ubuntu-advantage-desktop-daemon>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/ubuntu-advantage-notification
+++ b/apparmor.d/groups/ubuntu/ubuntu-advantage-notification
@ -24,4 +24,6 @@ profile ubuntu-advantage-notification @{exec_path} {
  /usr/share/X11/xkb/{,**} r,

  include if exists <local/ubuntu-advantage-notification>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/ubuntu-distro-info
+++ b/apparmor.d/groups/ubuntu/ubuntu-distro-info
@ -15,4 +15,6 @@ profile ubuntu-distro-info @{exec_path} {
  /usr/share/distro-info/*.csv r,

  include if exists <local/ubuntu-distro-info>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/ubuntu-report
+++ b/apparmor.d/groups/ubuntu/ubuntu-report
@ -26,4 +26,6 @@ profile ubuntu-report @{exec_path} {
  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,

  include if exists <local/ubuntu-report>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/update-manager
+++ b/apparmor.d/groups/ubuntu/update-manager
@ -82,3 +82,5 @@ profile update-manager @{exec_path} flags=(attach_disconnected) {

  include if exists <local/update-manager>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/update-motd-fsck-at-reboot
+++ b/apparmor.d/groups/ubuntu/update-motd-fsck-at-reboot
@ -48,4 +48,6 @@ profile update-motd-fsck-at-reboot @{exec_path} {
  }

  include if exists <local/update-motd-fsck-at-reboot>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/update-motd-updates-available
+++ b/apparmor.d/groups/ubuntu/update-motd-updates-available
@ -51,4 +51,6 @@ profile update-motd-updates-available @{exec_path} {
        @{PROC}/@{pids}/mountinfo r,

  include if exists <local/update-motd-updates-available>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/ubuntu/update-notifier
+++ b/apparmor.d/groups/ubuntu/update-notifier
@ -102,3 +102,5 @@ profile update-notifier @{exec_path} {

  include if exists <local/update-notifier>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-bandwidth
+++ b/apparmor.d/groups/virt/cni-bandwidth
@ -22,3 +22,5 @@ profile cni-bandwidth @{exec_path} {

  include if exists <local/cni-bandwidth>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-bridge
+++ b/apparmor.d/groups/virt/cni-bridge
@ -15,4 +15,6 @@ profile cni-bridge @{exec_path} {
  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,

  include if exists <local/cni-bridge>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-calico
+++ b/apparmor.d/groups/virt/cni-calico
@ -45,3 +45,5 @@ profile cni-calico @{exec_path} flags=(attach_disconnected) {

  include if exists <local/cni-calico>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-firewall
+++ b/apparmor.d/groups/virt/cni-firewall
@ -15,4 +15,6 @@ profile cni-firewall @{exec_path} {
  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,

  include if exists <local/cni-firewall>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-flannel
+++ b/apparmor.d/groups/virt/cni-flannel
@ -15,4 +15,6 @@ profile cni-flannel @{exec_path} flags=(complain,attach_disconnected){
  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,

  include if exists <local/cni-flannel>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-host-local
+++ b/apparmor.d/groups/virt/cni-host-local
@ -15,4 +15,6 @@ profile cni-host-local @{exec_path} flags=(complain,attach_disconnected){
  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,

  include if exists <local/cni-host-local>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-loopback
+++ b/apparmor.d/groups/virt/cni-loopback
@ -26,3 +26,5 @@ profile cni-loopback @{exec_path} flags=(attach_disconnected) {

  include if exists <local/cni-loopback>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-portmap
+++ b/apparmor.d/groups/virt/cni-portmap
@ -23,3 +23,5 @@ profile cni-portmap @{exec_path} {

  include if exists <local/cni-portmap>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-tuning
+++ b/apparmor.d/groups/virt/cni-tuning
@ -15,4 +15,6 @@ profile cni-tuning @{exec_path} {
  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,

  include if exists <local/cni-tuning>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cni-xtables-nft
+++ b/apparmor.d/groups/virt/cni-xtables-nft
@ -32,3 +32,5 @@ profile cni-xtables-nft {

    @{PROC}/@{pids}/net/ip_tables_names r,
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-askpass
+++ b/apparmor.d/groups/virt/cockpit-askpass
@ -14,4 +14,6 @@ profile cockpit-askpass @{exec_path} {
  @{exec_path} mr,

  include if exists <local/cockpit-askpass>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-bridge
+++ b/apparmor.d/groups/virt/cockpit-bridge
@ -79,4 +79,6 @@ profile cockpit-bridge @{exec_path} {
  /dev/ptmx rw,

  include if exists <local/cockpit-bridge>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-certificate-ensure
+++ b/apparmor.d/groups/virt/cockpit-certificate-ensure
@ -23,4 +23,6 @@ profile cockpit-certificate-ensure @{exec_path} flags=(attach_disconnected) {
  owner @{run}/cockpit/tls/server/{,**} rw,

  include if exists <local/cockpit-certificate-ensure>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-certificate-helper
+++ b/apparmor.d/groups/virt/cockpit-certificate-helper
@ -30,4 +30,6 @@ profile cockpit-certificate-helper @{exec_path} {

  include if exists <local/cockpit-certificate-helper>

-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-desktop
+++ b/apparmor.d/groups/virt/cockpit-desktop
@ -13,4 +13,6 @@ profile cockpit-desktop @{exec_path} {
  @{exec_path} mr,

  include if exists <local/cockpit-desktop>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-pcp
+++ b/apparmor.d/groups/virt/cockpit-pcp
@ -40,4 +40,6 @@ profile cockpit-pcp @{exec_path} {
  owner @{PROC}/@{pid}/mounts r,

  include if exists <local/cockpit-pcp>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-session
+++ b/apparmor.d/groups/virt/cockpit-session
@ -54,3 +54,5 @@ profile cockpit-session @{exec_path} flags=(attach_disconnected) {

  include if exists <local/cockpit-session>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-ssh
+++ b/apparmor.d/groups/virt/cockpit-ssh
@ -14,4 +14,6 @@ profile cockpit-ssh @{exec_path} {
  @{exec_path} mr,

  include if exists <local/cockpit-ssh>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-tls
+++ b/apparmor.d/groups/virt/cockpit-tls
@ -20,4 +20,6 @@ profile cockpit-tls @{exec_path} flags=(attach_disconnected) {
  owner @{run}/cockpit/tls/{,**} rw,

  include if exists <local/cockpit-tls>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-update-motd
+++ b/apparmor.d/groups/virt/cockpit-update-motd
@ -36,4 +36,6 @@ profile cockpit-update-motd @{exec_path} {
  }

  include if exists <local/cockpit-update-motd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-ws
+++ b/apparmor.d/groups/virt/cockpit-ws
@ -22,4 +22,6 @@ profile cockpit-ws @{exec_path} {
  owner @{PROC}/@{pid}/fd/ r,

  include if exists <local/cockpit-ws>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/cockpit-wsinstance-factory
+++ b/apparmor.d/groups/virt/cockpit-wsinstance-factory
@ -15,4 +15,6 @@ profile cockpit-wsinstance-factory @{exec_path} {
  @{exec_path} mr,

  include if exists <local/cockpit-wsinstance-factory>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/containerd
+++ b/apparmor.d/groups/virt/containerd
@ -122,3 +122,5 @@ profile containerd @{exec_path} flags=(attach_disconnected) {

  include if exists <local/containerd>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/containerd-shim-runc-v2
+++ b/apparmor.d/groups/virt/containerd-shim-runc-v2
@ -58,3 +58,5 @@ profile containerd-shim-runc-v2 @{exec_path} flags=(attach_disconnected) {

  include if exists <local/containerd-shim-runc-v2>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/docker-proxy
+++ b/apparmor.d/groups/virt/docker-proxy
@ -25,4 +25,6 @@ profile docker-proxy @{exec_path} {
  @{PROC}/sys/net/core/somaxconn r,

  include if exists <local/docker-proxy>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/dockerd
+++ b/apparmor.d/groups/virt/dockerd
@ -99,4 +99,6 @@ profile dockerd @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pids}/uid_map r,

  include if exists <local/dockerd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/k3s
+++ b/apparmor.d/groups/virt/k3s
@ -174,3 +174,5 @@ profile k3s @{exec_path} flags=(attach_disconnected) {

  include if exists <local/k3s>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/kubernetes-pause
+++ b/apparmor.d/groups/virt/kubernetes-pause
@ -18,3 +18,5 @@ profile kubernetes-pause @{exec_path} flags=(attach_disconnected) {

  include if exists <local/kubernetes-pause>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/libvirt-dbus
+++ b/apparmor.d/groups/virt/libvirt-dbus
@ -35,4 +35,6 @@ profile libvirt-dbus @{exec_path} {
  owner @{PROC}/@{pid}/fd/ r,

  include if exists <local/libvirt-dbus>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/libvirtd
+++ b/apparmor.d/groups/virt/libvirtd
@ -294,3 +294,5 @@ profile libvirtd @{exec_path} flags=(attach_disconnected) {
  include if exists <usr/libvirtd>
  include if exists <local/libvirtd>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virt-aa-helper
+++ b/apparmor.d/groups/virt/virt-aa-helper
@ -64,3 +64,5 @@ profile virt-aa-helper @{exec_path} {
  include if exists <usr/virt-aa-helper.d>
  include if exists <local/virt-aa-helper>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtinterfaced
+++ b/apparmor.d/groups/virt/virtinterfaced
@ -40,4 +40,6 @@ profile virtinterfaced @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pids}/stat r,

  include if exists <local/virtinterfaced>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtiofsd
+++ b/apparmor.d/groups/virt/virtiofsd
@ -62,4 +62,6 @@ profile virtiofsd @{exec_path} {
  # }

  include if exists <local/virtiofsd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtlockd
+++ b/apparmor.d/groups/virt/virtlockd
@ -13,4 +13,6 @@ profile virtlockd @{exec_path} {
  @{exec_path} mr,

  include if exists <local/virtlockd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtlogd
+++ b/apparmor.d/groups/virt/virtlogd
@ -44,3 +44,5 @@ profile virtlogd @{exec_path} flags=(attach_disconnected) {

  include if exists <local/virtlogd>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtnetworkd
+++ b/apparmor.d/groups/virt/virtnetworkd
@ -41,4 +41,6 @@ profile virtnetworkd @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pids}/fd/ r,

  include if exists <local/virtnetworkd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtnodedevd
+++ b/apparmor.d/groups/virt/virtnodedevd
@ -91,4 +91,6 @@ profile virtnodedevd @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/mtrr w,

  include if exists <local/virtnodedevd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtsecretd
+++ b/apparmor.d/groups/virt/virtsecretd
@ -34,4 +34,6 @@ profile virtsecretd @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pids}/stat r,

  include if exists <local/virtsecretd>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/virt/virtstoraged
+++ b/apparmor.d/groups/virt/virtstoraged
@ -64,4 +64,6 @@ profile virtstoraged @{exec_path} flags=(attach_disconnected) {
  owner @{PROC}/@{pids}/fd/ r,

  include if exists <local/virtstoraged>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/anondate
+++ b/apparmor.d/groups/whonix/anondate
@ -44,4 +44,6 @@ profile anondate @{exec_path} {
  owner @{run}/sdwdate/* rw,

  include if exists <local/anondate>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgcollector
+++ b/apparmor.d/groups/whonix/msgcollector
@ -43,4 +43,6 @@ profile msgcollector @{exec_path} {
  }

  include if exists <local/msgcollector>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgcollector-br-add
+++ b/apparmor.d/groups/whonix/msgcollector-br-add
@ -14,4 +14,6 @@ profile msgcollector-br-add @{exec_path} {
  @{exec_path} mr,

  include if exists <local/msgcollector-br-add>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgcollector-generic-gui-message
+++ b/apparmor.d/groups/whonix/msgcollector-generic-gui-message
@ -19,4 +19,6 @@ profile msgcollector-generic-gui-message @{exec_path} {
  @{lib}/msgcollector/ r,

  include if exists <local/msgcollector-generic-gui-message>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgcollector-striphtml
+++ b/apparmor.d/groups/whonix/msgcollector-striphtml
@ -16,4 +16,6 @@ profile msgcollector-striphtml @{exec_path} {
  @{lib}/msgcollector/ r,

  include if exists <local/msgcollector-striphtml>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgdispatcher
+++ b/apparmor.d/groups/whonix/msgdispatcher
@ -48,4 +48,6 @@ profile msgdispatcher @{exec_path} {
  }

  include if exists <local/msgdispatcher>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgdispatcher-autostart
+++ b/apparmor.d/groups/whonix/msgdispatcher-autostart
@ -21,4 +21,6 @@ profile msgdispatcher-autostart @{exec_path} {
  /dev/tty rw,

  include if exists <local/msgdispatcher-autostart>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgdispatcher-delete
+++ b/apparmor.d/groups/whonix/msgdispatcher-delete
@ -21,4 +21,6 @@ profile msgdispatcher-delete @{exec_path} {
  @{run}/msgcollector/user/* rw,

  include if exists <local/msgdispatcher-delete>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/msgdispatcher-dispatch
+++ b/apparmor.d/groups/whonix/msgdispatcher-dispatch
@ -16,4 +16,6 @@ profile msgdispatcher-dispatch @{exec_path} {
  @{exec_path} mr,

  include if exists <local/msgdispatcher-dispatch>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/open-link-confirmation
+++ b/apparmor.d/groups/whonix/open-link-confirmation
@ -25,4 +25,6 @@ profile open-link-confirmation @{exec_path} {
  owner @{HOME}/.xsession-errors rw,

  include if exists <local/open-link-confirmation>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/pam-abort-on-locked-password
+++ b/apparmor.d/groups/whonix/pam-abort-on-locked-password
@ -20,4 +20,6 @@ profile pam-abort-on-locked-password @{exec_path} {
  owner /dev/tty rw,

  include if exists <local/pam-abort-on-locked-password>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/pam-info
+++ b/apparmor.d/groups/whonix/pam-info
@ -27,4 +27,6 @@ profile pam-info @{exec_path} {
  owner /dev/tty rw,

  include if exists <local/pam-info>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/pam_faillock_not_if_x
+++ b/apparmor.d/groups/whonix/pam_faillock_not_if_x
@ -17,4 +17,6 @@ profile pam_faillock_not_if_x @{exec_path} {
  @{sh_path} rix,

  include if exists <local/pam_faillock_not_if_x>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/rads
+++ b/apparmor.d/groups/whonix/rads
@ -60,4 +60,6 @@ profile rads @{exec_path} {
  }

  include if exists <local/rads>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/sdwdate
+++ b/apparmor.d/groups/whonix/sdwdate
@ -53,4 +53,6 @@ profile sdwdate @{exec_path} flags=(attach_disconnected) {
  /dev/tty rw,

  include if exists <local/sdwdate>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/sdwdate-clock-jump
+++ b/apparmor.d/groups/whonix/sdwdate-clock-jump
@ -26,4 +26,6 @@ profile sdwdate-clock-jump @{exec_path} {
  }

  include if exists <local/sdwdate-clock-jump>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/sdwdate-gui
+++ b/apparmor.d/groups/whonix/sdwdate-gui
@ -50,4 +50,6 @@ profile sdwdate-gui @{exec_path} {
  }

  include if exists <local/sdwdate-gui>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/sdwdate-start
+++ b/apparmor.d/groups/whonix/sdwdate-start
@ -30,4 +30,6 @@ profile sdwdate-start @{exec_path} {
  /dev/tty rw,

  include if exists <local/sdwdate-start>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/sdwdate-wrapper
+++ b/apparmor.d/groups/whonix/sdwdate-wrapper
@ -16,4 +16,6 @@ profile sdwdate-wrapper @{exec_path} {
  @{lib}/sdwdate/sdwdate rPx,

  include if exists <local/sdwdate-wrapper>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/sensible-browser
+++ b/apparmor.d/groups/whonix/sensible-browser
@ -27,4 +27,6 @@ profile sensible-browser @{exec_path} {
  owner @{HOME}/.xsession-errors rw,

  include if exists <local/sensible-browser>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/systemcheck-canary
+++ b/apparmor.d/groups/whonix/systemcheck-canary
@ -31,4 +31,6 @@ profile systemcheck-canary @{exec_path} {
  @{PROC}/cmdline r,

  include if exists <local/systemcheck-canary>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/timesanitycheck
+++ b/apparmor.d/groups/whonix/timesanitycheck
@ -21,4 +21,6 @@ profile timesanitycheck @{exec_path} {
  owner /dev/tty rw,

  include if exists <local/timesanitycheck>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/tor-bootstrap-check
+++ b/apparmor.d/groups/whonix/tor-bootstrap-check
@ -20,4 +20,6 @@ profile tor-bootstrap-check @{exec_path} {
  @{run}/tor/control.authcookie r,

  include if exists <local/tor-bootstrap-check>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/tor-consensus-valid-after
+++ b/apparmor.d/groups/whonix/tor-consensus-valid-after
@ -22,4 +22,6 @@ profile tor-consensus-valid-after @{exec_path} {
  owner /tmp/tmp.@{rand10} rw,

  include if exists <local/tor-consensus-valid-after>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser
+++ b/apparmor.d/groups/whonix/torbrowser
@ -69,3 +69,5 @@ profile torbrowser @{exec_path} flags=(attach_disconnected) {

  include if exists <local/torbrowser>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-glxtest
+++ b/apparmor.d/groups/whonix/torbrowser-glxtest
@ -28,4 +28,6 @@ profile torbrowser-glxtest @{exec_path} {
  owner @{PROC}/@{pid}/cmdline r,

  include if exists <local/torbrowser-glxtest>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-plugin-container
+++ b/apparmor.d/groups/whonix/torbrowser-plugin-container
@ -23,3 +23,5 @@ profile torbrowser-plugin-container @{exec_path} {

  include if exists <local/torbrowser-plugin-container>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-start
+++ b/apparmor.d/groups/whonix/torbrowser-start
@ -47,3 +47,5 @@ profile torbrowser-start @{exec_path} {

  include if exists <local/torbrowser-start>
 }
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-updater
+++ b/apparmor.d/groups/whonix/torbrowser-updater
@ -25,4 +25,6 @@ profile torbrowser-updater @{exec_path} {
  deny owner @{lib_dirs}/Downloads/** rw,

  include if exists <local/torbrowser-updater>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-updater-permission-fix
+++ b/apparmor.d/groups/whonix/torbrowser-updater-permission-fix
@ -39,4 +39,6 @@ profile torbrowser-updater-permission-fix @{exec_path} {
  deny @{HOME}/ r,

  include if exists <local/torbrowser-updater-permission-fix>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-vaapitest
+++ b/apparmor.d/groups/whonix/torbrowser-vaapitest
@ -28,4 +28,6 @@ profile torbrowser-vaapitest @{exec_path} {
  deny @{user_cache_dirs}/startupCache/* r,

  include if exists <local/torbrowser-vaapitest>
-}
+}
+
+# vim:syntax=apparmor
--- a/apparmor.d/groups/whonix/torbrowser-wrapper
+++ b/apparmor.d/groups/whonix/torbrowser-wrapper
@ -75,3 +75,5 @@ profile torbrowser-wrapper @{exec_path} {

  include if exists <local/torbrowser-wrapper>
 }
+
+# vim:syntax=apparmor
--- a/Show more
+++ b/Show more