From d9ce0d287d04d498432a3879f6c6b289d575eba0 Mon Sep 17 00:00:00 2001
From: odomingao <sabadao@riseup.net>
Date: Mon, 9 Sep 2024 23:33:28 -0300
Subject: [PATCH] Create earlyoom

---
 apparmor.d/profiles-a-f/earlyoom | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 apparmor.d/profiles-a-f/earlyoom

diff --git a/apparmor.d/profiles-a-f/earlyoom b/apparmor.d/profiles-a-f/earlyoom
new file mode 100644
index 00000000..6752cbae
--- /dev/null
+++ b/apparmor.d/profiles-a-f/earlyoom
@@ -0,0 +1,28 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/earlyoom
+profile earlyoom @{exec_path} {
+  include <abstractions/base>
+
+  capability kill,
+
+  @{exec_path} mr,
+
+        @{PROC}/ r,
+        @{PROC}/@{pid}/cmdline r,
+        @{PROC}/@{pid}/comm r,
+        @{PROC}/@{pid}/oom_adj r,
+        @{PROC}/@{pid}/oom_score r,
+        @{PROC}/@{pid}/oom_score_adj r,
+        @{PROC}/@{pid}/stat r,
+
+  include if exists <local/earlyoom>
+}
+
+# vim:syntax=apparmor