From 92ebab604af70a027c2e5f68ffaa15725a6d358d Mon Sep 17 00:00:00 2001
From: Alexandre Pujol
Date: Sat, 2 Dec 2023 15:52:00 +0000
Subject: [PATCH] feat(dbus): add more dbus abstractions.
---
apparmor.d/abstractions/bus/account-daemon | 25 ++++++++++++++++++++++
apparmor.d/abstractions/bus/rtkit | 15 +++++++++++++
apparmor.d/abstractions/bus/upower | 24 +++++++++++++++++++++
3 files changed, 64 insertions(+)
create mode 100644 apparmor.d/abstractions/bus/account-daemon
create mode 100644 apparmor.d/abstractions/bus/rtkit
create mode 100644 apparmor.d/abstractions/bus/upower
diff --git a/apparmor.d/abstractions/bus/account-daemon b/apparmor.d/abstractions/bus/account-daemon
new file mode 100644
index 00000000..7ed63651
--- /dev/null
+++ b/apparmor.d/abstractions/bus/account-daemon
@@ -0,0 +1,25 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/org/freedesktop/Accounts
+ interface=org.freedesktop.Accounts
+ member=FindUserByName
+ peer=(name=:*, label=accounts-daemon),
+
+ dbus send bus=system path=/org/freedesktop/Accounts{,/User@{uid}}
+ interface=org.freedesktop.DBus.Properties
+ member=GetAll
+ peer=(name=:*, label=accounts-daemon),
+
+ dbus receive bus=system path=/org/freedesktop/Accounts/User@{uid}
+ interface=org.freedesktop.Accounts.User
+ member=*Changed
+ peer=(name=:*, label=accounts-daemon),
+
+ dbus receive bus=system path=/org/freedesktop/Accounts/User@{uid}
+ interface=org.freedesktop.DBus.Properties
+ member=*Changed
+ peer=(name=:*, label=accounts-daemon),
+
+ include if exists
diff --git a/apparmor.d/abstractions/bus/rtkit b/apparmor.d/abstractions/bus/rtkit
new file mode 100644
index 00000000..b14b161a
--- /dev/null
+++ b/apparmor.d/abstractions/bus/rtkit
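Review bot: The two `dbus receive` rules in abstractions/bus/account-daemon use the glob `member=*Changed`, which admits any signal whose name ends in "Changed" rather than only the signals the abstraction needs. On `org.freedesktop.DBus.Properties` the signal is `PropertiesChanged` and on `org.freedesktop.Accounts.User` it is `Changed`, so the rules can be pinned with `member=PropertiesChanged` and `member=Changed`. The `GetAll` rule also covers every `/org/freedesktop/Accounts/User@{uid}` object; assuming `@{uid}` matches any numeric id, a header comment stating that profiles including this abstraction can read the account properties of all local users would make that scope explicit.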
@@ -0,0 +1,15 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/org/freedesktop/RealtimeKit1
+ interface=org.freedesktop.DBus.Properties
+ member=Get
+ peer=(name=org.freedesktop.RealtimeKit1),
+
+ dbus send bus=system path=/org/freedesktop/RealtimeKit1
+ interface=org.freedesktop.RealtimeKit1
+ member=MakeThread*
+ peer=(name=org.freedesktop.RealtimeKit1, label=rtkit-daemon),
+
+ include if exists
diff --git a/apparmor.d/abstractions/bus/upower b/apparmor.d/abstractions/bus/upower
new file mode 100644
index 00000000..43a79d21
--- /dev/null
+++ b/apparmor.d/abstractions/bus/upower
@@ -0,0 +1,24 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/org/freedesktop/UPower
+ interface=org.freedesktop.UPower
+ member=EnumerateDevices
+ peer=(name=org.freedesktop.UPower, label=upowerd),
+
+ dbus send bus=system path=/org/freedesktop/UPower
+ interface=org.freedesktop.DBus.Properties
+ member=GetAll
+ peer=(name=:*, label=upowerd),
+
+ dbus send bus=system path=/org/freedesktop/UPower/devices/DisplayDevice
+ interface=org.freedesktop.DBus.Properties
+ member={Get,GetAll}
+ peer=(name=org.freedesktop.UPower, label=upowerd),
+ dbus send bus=system path=/org/freedesktop/UPower/devices/DisplayDevice
+ interface=org.freedesktop.DBus.Properties
+ member={Get,GetAll}
+ peer=(name=:*, label=upowerd),
+
+ include if exists
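Review bot: The first rule in abstractions/bus/rtkit, the `org.freedesktop.DBus.Properties` `Get` send, has `peer=(name=org.freedesktop.RealtimeKit1)` with no `label=` condition, so unlike the `MakeThread*` rule it does not tie the receiving process to the rtkit-daemon profile. Adding the label keeps both rules bound to the same confined peer: `peer=(name=org.freedesktop.RealtimeKit1, label=rtkit-daemon),`. If the omission is deliberate, a one-line comment above the rule explaining why would stop it from being copied into other abstractions as a pattern.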
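Review bot: The peer name forms in abstractions/bus/upower are inconsistent across the four rules: `EnumerateDevices` is allowed only towards the well-known name `org.freedesktop.UPower`, `GetAll` on `/org/freedesktop/UPower` only towards a unique name (`:*`), while the DisplayDevice rule is written twice to cover both. If both addressing forms do occur, as the duplicated rule suggests, the first two rules will presumably deny one of them. Giving every rule the same pair of peer names, or adding a comment on why they differ, would make the intent reviewable. The second DisplayDevice rule is also missing the blank separator line that precedes the other rules.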