From af5171e39d1e7e25efa6e1d114ed1849b59e3ab7 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sat, 16 Mar 2024 19:43:22 +0000
Subject: [PATCH] feat(tunable): add variables for some system-users.

---
 apparmor.d/tunables/multiarch.d/systemd-users | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 apparmor.d/tunables/multiarch.d/systemd-users

diff --git a/apparmor.d/tunables/multiarch.d/systemd-users b/apparmor.d/tunables/multiarch.d/systemd-users
new file mode 100644
index 00000000..dac0cf12
--- /dev/null
+++ b/apparmor.d/tunables/multiarch.d/systemd-users
@@ -0,0 +1,23 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+# Define some extra paths for some commonly used system user
+
+# Full path of the GDM configuration directories
+@{GDM_HOME}=/var/lib/gdm{,3}/
+@{gdm_cache_dirs}=@{GDM_HOME}/.cache/
+@{gdm_config_dirs}=@{GDM_HOME}/.config/
+@{gdm_share_dirs}=@{GDM_HOME}/.local/share/
+
+# Full path of the SDDM configuration directories
+@{SDDM_HOME}=/var/lib/sddm/
+@{sddm_cache_dirs}=@{SDDM_HOME}/.cache/
+@{sddm_config_dirs}=@{SDDM_HOME}/.config/
+@{sddm_share_dirs}=@{SDDM_HOME}/.local/share/
+
+# Full path of all DE configuration directories
+@{DESKTOP_HOME}=@{GDM_HOME} @{SDDM_HOME}
+@{desktop_cache_dirs}=@{DESKTOP_HOME}/.cache/
+@{desktop_config_dirs}=@{DESKTOP_HOME}/.config/
+@{desktop_share_dirs}=@{DESKTOP_HOME}/.local/share/