From 80b337bdf4f56703148411243a019cea72e36c24 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sun, 12 Jun 2022 12:02:16 +0100
Subject: [PATCH] revert(profiles): remove tor related profiles.

---
 apparmor.d/abstractions/tor        | 33 ------------------------------
 apparmor.d/profiles-s-z/system_tor | 25 ----------------------
 2 files changed, 58 deletions(-)
 delete mode 100644 apparmor.d/abstractions/tor
 delete mode 100644 apparmor.d/profiles-s-z/system_tor

diff --git a/apparmor.d/abstractions/tor b/apparmor.d/abstractions/tor
deleted file mode 100644
index a6719b95..00000000
--- a/apparmor.d/abstractions/tor
+++ /dev/null
@@ -1,33 +0,0 @@
-# vim:syntax=apparmor
-
-  include <abstractions/base>
-  include <abstractions/nameservice>
-  include <abstractions/openssl>
-
-  network tcp,
-  network udp,
-
-  capability chown,
-  capability dac_read_search,
-  capability fowner,
-  capability fsetid,
-  capability setgid,
-  capability setuid,
-
-  /usr/bin/tor r,
-  /usr/sbin/tor r,
-
-  # Needed by obfs4proxy
-  /proc/sys/net/core/somaxconn r,
-
-  /proc/sys/kernel/random/uuid r,
-  /sys/devices/system/cpu/ r,
-  /sys/devices/system/cpu/** r,
-
-  /etc/tor/* r,
-  /usr/share/tor/** r,
-
-  /usr/bin/obfsproxy PUx,
-  /usr/bin/obfs4proxy Pix,
-
-  include if exists <abstractions/tor.d>
\ No newline at end of file
diff --git a/apparmor.d/profiles-s-z/system_tor b/apparmor.d/profiles-s-z/system_tor
deleted file mode 100644
index dfea51de..00000000
--- a/apparmor.d/profiles-s-z/system_tor
+++ /dev/null
@@ -1,25 +0,0 @@
-# vim:syntax=apparmor
-include <tunables/global>
-
-profile system_tor flags=(attach_disconnected) {
-  include <abstractions/tor>
-  include <abstractions/openssl>
-
-  owner /var/lib/tor/** rwk,
-  owner /var/lib/tor/ r,
-  owner /var/log/tor/* w,
-
-  # During startup, tor (as root) tries to open various things such as
-  # directories via check_private_dir().  Let it.
-  /var/lib/tor/** r,
-
-  /{,var/}run/tor/ r,
-  /{,var/}run/tor/control w,
-  /{,var/}run/tor/socks w,
-  /{,var/}run/tor/tor.pid w,
-  /{,var/}run/tor/control.authcookie w,
-  /{,var/}run/tor/control.authcookie.tmp rw,
-  /{,var/}run/systemd/notify w,
-
-  include if exists <local/system_tor>
-}