From 7db753f0c9eec4da1553a59086538663ceaf99f3 Mon Sep 17 00:00:00 2001
From: nobodysu
Date: Wed, 1 Jun 2022 17:54:07 +0000
Subject: [PATCH] Alphanumeric systemd sessions (#47)
---
 apparmor.d/groups/freedesktop/colord | 2 +-
 apparmor.d/groups/gnome/gdm | 4 ++--
 apparmor.d/groups/gnome/gdm-session-worker | 2 +-
 apparmor.d/groups/gnome/gnome-control-center | 6 +++---
 apparmor.d/groups/gnome/gnome-session-binary | 4 ++--
 apparmor.d/groups/gnome/gnome-shell | 4 ++--
 apparmor.d/groups/gnome/gnome-system-monitor | 5 +++--
 apparmor.d/groups/gnome/gsd-xsettings | 2 +-
 apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor | 2 +-
 apparmor.d/groups/virt/cockpit-session | 4 ++--
 apparmor.d/profiles-g-l/labwc | 2 +-
 apparmor.d/profiles-g-l/light-locker | 2 +-
 apparmor.d/profiles-m-r/ps | 2 +-
 apparmor.d/profiles-s-z/sddm | 2 +-
 apparmor.d/profiles-s-z/spice-vdagentd | 4 ++--
 15 files changed, 24 insertions(+), 23 deletions(-)
diff --git a/apparmor.d/groups/freedesktop/colord b/apparmor.d/groups/freedesktop/colord
index cf5e5daa..fcfa90ce 100644
--- a/apparmor.d/groups/freedesktop/colord
+++ b/apparmor.d/groups/freedesktop/colord
@@ -37,7 +37,7 @@ profile colord @{exec_path} flags=(attach_disconnected) {
  @{user_share_dirs}/icc/edid-*.icc r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  @{sys}/class/drm/ r,
  @{sys}/class/video4linux/ r,
diff --git a/apparmor.d/groups/gnome/gdm b/apparmor.d/groups/gnome/gdm
index 3532b32c..9bfac45c 100644
--- a/apparmor.d/groups/gnome/gdm
+++ b/apparmor.d/groups/gnome/gdm
@@ -44,8 +44,8 @@ profile gdm @{exec_path} flags=(attach_disconnected) {
  @{run}/gdm{3,}/gdm.pid rw,
  @{run}/gdm{3,}/greeter/ rw,
  @{run}/systemd/seats/seat[0-9]* r,
- @{run}/systemd/sessions/[0-9]* r,
- @{run}/systemd/sessions/[0-9]*.ref r,
+ @{run}/systemd/sessions/* r,
+ @{run}/systemd/sessions/*.ref r,
  @{run}/systemd/userdb/ r,
  @{run}/systemd/users/@{uid} r,
  @{run}/udev/tags/master-of-seat/ r,
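Review bot: The replacement glob `@{run}/systemd/sessions/* r,` in the colord hunk is wider than the "alphanumeric" session ids named in the commit title: in AppArmor `*` matches any run of characters other than `/`, so the rule now covers every entry in that directory, whatever its name. Keeping the first character constrained, for example `@{run}/systemd/sessions/[a-zA-Z0-9]* r,`, would admit non-numeric ids while staying closer to the previous scope; which id shapes logind actually produces is not visible in this patch, so the exact class needs confirming. The same applies to every other `sessions/*` rule added here, and carries more weight for the `*.ref rw` rules in gdm-session-worker, gnome-session-binary, cockpit-session and sddm, where the wider match also grants write access. The profile body continues outside the hunk.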
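Review bot: In the gdm hunk the second added rule, `@{run}/systemd/sessions/*.ref r,`, grants nothing that the first does not, because `@{run}/systemd/sessions/* r,` already matches names ending in `.ref` with the same `r` permission. Either drop the `.ref` line, or narrow the first rule so that the two lines describe distinct sets of files and the profile states which entries gdm really reads. The gnome-system-monitor hunk creates the same overlapping pair when it splits `[0-9]*{,.ref}` into two rules. The profile body continues outside the hunk.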
diff --git a/apparmor.d/groups/gnome/gdm-session-worker b/apparmor.d/groups/gnome/gdm-session-worker
index d7e91d94..49938a96 100644
--- a/apparmor.d/groups/gnome/gdm-session-worker
+++ b/apparmor.d/groups/gnome/gdm-session-worker
@@ -61,7 +61,7 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
  @{run}/faillock/[a-zA-z0-9]* rwk,
  @{run}/gdm/custom.conf r,
- @{run}/systemd/sessions/[0-9]*.ref rw,
+ @{run}/systemd/sessions/*.ref rw,
  @{run}/systemd/users/@{uid} r,
  @{run}/utmp rwk,
diff --git a/apparmor.d/groups/gnome/gnome-control-center b/apparmor.d/groups/gnome/gnome-control-center
index 5822b9c4..eb181ea6 100644
--- a/apparmor.d/groups/gnome/gnome-control-center
+++ b/apparmor.d/groups/gnome/gnome-control-center
@@ -83,8 +83,8 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
  owner @{run}/user/@{uid}/gnome-shell-disable-extensions w,
  owner @{run}/user/@{uid}/webkitgtk/{,**} rw,
  @{run}/systemd/users/@{uid} r,
- @{run}/systemd/sessions/ r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/ r,
+ @{run}/systemd/sessions/* r,
  @{run}/udev/data/+dmi:* r,
  @{run}/udev/data/+input* r, # for mouse, keyboard, touchpad
@@ -123,4 +123,4 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
  /dev/video[0-9]* rw,
  include if exists
-}
\ No newline at end of file
+}
diff --git a/apparmor.d/groups/gnome/gnome-session-binary b/apparmor.d/groups/gnome/gnome-session-binary
index 94e54cfc..f9711333 100644
--- a/apparmor.d/groups/gnome/gnome-session-binary
+++ b/apparmor.d/groups/gnome/gnome-session-binary
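Review bot: The context line `@{run}/faillock/[a-zA-z0-9]* rwk,` directly above the changed rule in the gdm-session-worker hunk has a character class written `A-z` where `A-Z` was presumably meant; the `A-z` range also takes in the ASCII punctuation that sits between `Z` and `a`. This commit does not modify that line, but it is editing globs in the same block, and the same class recurs in the context of the gsd-xsettings and cockpit-session hunks, so correcting it to `[a-zA-Z0-9]*` alongside this change would keep the patterns consistent. The profile body continues outside the hunk.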
@@ -105,8 +105,8 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
  owner @{run}/user/@{uid}/gnome-session-leader-fifo rw,
  owner @{run}/user/@{uid}/ICEauthority{,-[a-z]} rwl,
  @{run}/systemd/inhibit/[0-9]*.ref rw,
- @{run}/systemd/sessions/[0-9]* r,
- @{run}/systemd/sessions/[0-9]*.ref rw,
+ @{run}/systemd/sessions/* r,
+ @{run}/systemd/sessions/*.ref rw,
  @{run}/systemd/users/@{uid} r,
  /tmp/.ICE-unix/[0-9]* rw,
diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell
index 6a059dc8..bbc8375a 100644
--- a/apparmor.d/groups/gnome/gnome-shell
+++ b/apparmor.d/groups/gnome/gnome-shell
@@ -137,8 +137,8 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
  @{run}/systemd/users/@{uid} r,
  @{run}/systemd/seats/seat[0-9]* r,
- @{run}/systemd/sessions/ r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/ r,
+ @{run}/systemd/sessions/* r,
  @{run}/systemd/inhibit/[0-9]*.ref rw,
  @{run}/udev/tags/seat/ r,
diff --git a/apparmor.d/groups/gnome/gnome-system-monitor b/apparmor.d/groups/gnome/gnome-system-monitor
index f42c703e..1053f8bd 100644
--- a/apparmor.d/groups/gnome/gnome-system-monitor
+++ b/apparmor.d/groups/gnome/gnome-system-monitor
@@ -39,7 +39,8 @@ profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) {
  owner @{run}/user/@{uid}/dconf/user rw,
  owner @{run}/user/@{uid}/doc/ rw,
- @{run}/systemd/sessions/[0-9]*{,.ref} r,
+ @{run}/systemd/sessions/* r,
+ @{run}/systemd/sessions/*.ref r,
  @{sys}/devices/pci[0-9]*/**/net/*/statistics/collisions r,
  @{sys}/devices/pci[0-9]*/**/net/*/statistics/rx_{bytes,errors,packets} r,
@@ -65,4 +66,4 @@ profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) {
  @{PROC}/vmstat r,
  include if exists
-}
\ No newline at end of file
+}
diff --git a/apparmor.d/groups/gnome/gsd-xsettings b/apparmor.d/groups/gnome/gsd-xsettings
index 9bf870d8..6f4d858e 100644
--- a/apparmor.d/groups/gnome/gsd-xsettings
+++ b/apparmor.d/groups/gnome/gsd-xsettings
@@ -54,7 +54,7 @@ profile gsd-xsettings @{exec_path} {
  owner @{run}/user/@{uid}/.mutter-Xwaylandauth.[a-zA-z0-9]* r,
  owner @{run}/systemd/users/@{uid}/ r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  owner @{PROC}/@{pid}/fd/ r,
diff --git a/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor b/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor
index c18b5fc4..c91b5c08 100644
--- a/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor
+++ b/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor
@@ -46,7 +46,7 @@ profile gvfs-udisks2-volume-monitor @{exec_path} {
  owner @{run}/user/@{uid}/dconf/user rw,
  @{run}/mount/utab r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  owner @{PROC}/@{pid}/cgroup r,
  owner @{PROC}/@{pid}/fd/ r,
diff --git a/apparmor.d/groups/virt/cockpit-session b/apparmor.d/groups/virt/cockpit-session
index 2223836f..b91630d0 100644
--- a/apparmor.d/groups/virt/cockpit-session
+++ b/apparmor.d/groups/virt/cockpit-session
@@ -32,7 +32,7 @@ profile cockpit-session @{exec_path} flags=(attach_disconnected) {
  /etc/shells r,
  @{run}/faillock/[a-zA-z0-9]* rwk,
- @{run}/systemd/sessions/[0-9].ref rw,
+ @{run}/systemd/sessions/*.ref rw,
  @{run}/systemd/userdb/ r,
  @{run}/utmp rwk,
@@ -45,4 +45,4 @@ profile cockpit-session @{exec_path} flags=(attach_disconnected) {
  @{PROC}/@{pids}/fd/ r,
  include if exists
-}
\ No newline at end of file
+}
diff --git a/apparmor.d/profiles-g-l/labwc b/apparmor.d/profiles-g-l/labwc
index 7790d273..0cae0773 100644
--- a/apparmor.d/profiles-g-l/labwc
+++ b/apparmor.d/profiles-g-l/labwc
@@ -58,7 +58,7 @@ profile labwc @{exec_path} flags=(attach_disconnected) {
  @{run}/udev/data/c13:[0-9]* r, # for /dev/input/*
  @{run}/udev/data/c226:[0-9]* r, # for /dev/dri/card*
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  @{run}/systemd/seats/seat[0-9]* r,
  @{run}/user/@{uid}/wayland-[0-9].lock k,
diff --git a/apparmor.d/profiles-g-l/light-locker b/apparmor.d/profiles-g-l/light-locker
index ee14411a..85c9dbd5 100644
--- a/apparmor.d/profiles-g-l/light-locker
+++ b/apparmor.d/profiles-g-l/light-locker
@@ -25,7 +25,7 @@ profile light-locker @{exec_path} {
  owner @{PROC}/@{pid}/cgroup r, # when locking the screen and switching/closing sessions
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  include
  owner @{run}/user/@{uid}/dconf/ rw,
diff --git a/apparmor.d/profiles-m-r/ps b/apparmor.d/profiles-m-r/ps
index 3f524288..90ec3046 100644
--- a/apparmor.d/profiles-m-r/ps
+++ b/apparmor.d/profiles-m-r/ps
@@ -52,7 +52,7 @@ profile ps @{exec_path} flags=(attach_disconnected) {
  @{PROC}/tty/drivers r,
  @{PROC}/uptime r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  @{sys}/devices/system/node/ r,
  @{sys}/devices/system/node/node[0-9]*/meminfo r,
diff --git a/apparmor.d/profiles-s-z/sddm b/apparmor.d/profiles-s-z/sddm
index 0968089d..6a600567 100644
--- a/apparmor.d/profiles-s-z/sddm
+++ b/apparmor.d/profiles-s-z/sddm
@@ -157,7 +157,7 @@ profile sddm @{exec_path} {
  # Run SDDM on a specific TTY
  /dev/tty[0-9]* rw,
- @{run}/systemd/sessions/[0-9]*.ref rw,
+ @{run}/systemd/sessions/*.ref rw,
  profile sddm-scripts {
diff --git a/apparmor.d/profiles-s-z/spice-vdagentd b/apparmor.d/profiles-s-z/spice-vdagentd
index 0af212c2..2441b65b 100644
--- a/apparmor.d/profiles-s-z/spice-vdagentd
+++ b/apparmor.d/profiles-s-z/spice-vdagentd
@@ -16,7 +16,7 @@ profile spice-vdagentd @{exec_path} {
  owner @{run}/spice-vdagentd/spice-vdagentd.pid rw,
  @{run}/systemd/seats/seat[0-9]* r,
- @{run}/systemd/sessions/[0-9]* r,
+ @{run}/systemd/sessions/* r,
  @{run}/systemd/users/@{uid} r,
  @{PROC}/@{pids}/cgroup r,
@@ -25,4 +25,4 @@ profile spice-vdagentd @{exec_path} {
  /dev/vport[0-9]*p[0-9]* rw,
  include if exists
-}
\ No newline at end of file
+}