From 7ed8bcf1a7578f45924faf69517628a9cccd7959 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Tue, 22 Oct 2024 11:27:07 +0100
Subject: [PATCH] feat(abs): use thumbnails-cache-read in
 thumbnails-cache-write.

---
 apparmor.d/abstractions/thumbnails-cache-read  |  4 ++--
 apparmor.d/abstractions/thumbnails-cache-write | 16 +++++++++-------
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/apparmor.d/abstractions/thumbnails-cache-read b/apparmor.d/abstractions/thumbnails-cache-read
index adb80dd4..22982e1f 100644
--- a/apparmor.d/abstractions/thumbnails-cache-read
+++ b/apparmor.d/abstractions/thumbnails-cache-read
@@ -7,11 +7,11 @@
 
   owner @{user_cache_dirs}/thumbnails/ r,
   owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ r,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/ r,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/*.png r,
   owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/*.png r,
   owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/*.png.@{rand6} r,
   owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/#@{int} r,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/ r,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/*.png r,
 
   include if exists <abstractions/thumbnails-cache-read.d>
 
diff --git a/apparmor.d/abstractions/thumbnails-cache-write b/apparmor.d/abstractions/thumbnails-cache-write
index 5a31de22..5e64fc66 100644
--- a/apparmor.d/abstractions/thumbnails-cache-write
+++ b/apparmor.d/abstractions/thumbnails-cache-write
@@ -5,13 +5,15 @@
 
   abi <abi/4.0>,
 
-  owner @{user_cache_dirs}/thumbnails/ rw,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ rw,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/ rw,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/*.png rw,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/*.png rwl -> @{user_cache_dirs}/thumbnails/{fail,*large,normal}/#@{int},
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/*.png.@{rand6} rw,
-  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/#@{int} rw,
+  include <abstractions/thumbnails-cache-read>
+
+  owner @{user_cache_dirs}/thumbnails/ w,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ w,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/*.png wl,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/*.png.@{rand6} w,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/#@{int} w,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/ w,
+  owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/gnome-thumbnail-factory/*.png w,
 
   include if exists <abstractions/thumbnails-cache-write.d>