feat: remove some unused profiles & abs.

apparmor.d/abstractions/totem

@@ -1,56 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) Jamie Strandboge <jamie@canonical.com>
-# SPDX-License-Identifier: GPL-2.0-only
-
-# Limit executable access and reasonable read access. A look at
-# the gconf schema files for totem-video-thumbnailer reveals at least the
-# following files:
-#  3gpp, ac3, acm, aiff, amr-wb, ape, asf, asx, au, avi, basic, divx, dv, flac,
-#  flc, fli, flic, flv, google-video-pointer, gpp, gsm, m4a, m4v, matroska,
-#  midi, mod, mp3, mp4, mp4es, mpeg, mpt2, msvideo, ms-wm, musepack,mxf,
-#  netshow, nsv, off, ogm, pict, pn-realaudio, prs.sid, quicktime, ram,
-#  realpix, rn, sbc, sdp, shorten, speex, theora, totem-stream, tta, ultravox,
-#  vivo, vorbis, wav, wavpack, wax, webm, wma, wmv, wmx, wpl, wvx, x-anim,
-#  x-it, xm
-#
-# While ideally we would narrow down our read access to the above, this is
-# a maintenance problem and doesn't work for files without extensions.
-
-  include <abstractions/gnome>
-  include <abstractions/gstreamer>
-  include <abstractions/nameservice>
-  include <abstractions/dbus-session>
-
-  # Allow read on all directories
-  /**/ r,
-
-  # Allow read on removable media and files in /usr/share and /usr/local/share
-  /usr/local/share/** r,
-  /usr/share/** r,
-  /{media,mnt,opt,srv}/** r,
-
-  owner @{user_cache_dirs}/mesa/** rwk,
-  owner @{user_cache_dirs}/thumbnails/** rw,
-  owner @{user_cache_dirs}/totem/ rw,
-  owner @{user_cache_dirs}/totem/** rwk,
-  owner @{user_cache_dirs}/totem-* rwk,
-  owner @{user_cache_dirs}/tracker/db-locale.txt r,
-  owner @{user_cache_dirs}/tracker/meta.db{,-shm,-journal,-wal} rwk,
-  owner @{user_cache_dirs}/tracker/ontologies.gvdb r,
-  owner @{user_config_dirs}/totem/ rwk,
-  owner @{user_config_dirs}/totem/** rwk,
-  owner @{user_share_dirs}/grilo-plugins/ rwk,
-  owner @{user_share_dirs}/grilo-plugins/*.db{,-shm,-journal,-wal} rwk,
-  owner @{user_share_dirs}/totem/ rwk,
-  owner @{user_share_dirs}/tracker/data/tracker-store.journal rwk,
-
-  owner @{PROC}/@{pid}/{mountinfo,status} r,
-
-  @{run}/udev/data/+drm:card* r,
-  @{run}/udev/data/+usb* r,
-
-  @{sys}/devices/system/node/*/meminfo r,
-
-  deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,
-
-  include if exists <abstractions/totem.d>

apparmor.d/profiles-g-l/games-wesnoth

@@ -1,35 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/3.0>,
-
-include <tunables/global>
-
-@{exec_path} = /usr/games/wesnoth{,-[0-9]*}
-profile games-wesnoth @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/fonts>
-  include <abstractions/fontconfig-cache-read>
-  include <abstractions/dri-enumerate>
-  include <abstractions/dri-common>
-  include <abstractions/audio>
-  include <abstractions/mesa>
-  include <abstractions/nameservice-strict>
-
-  @{exec_path} mrix,
-
-  /usr/share/games/wesnoth/@{int}/{,**} r,
-
-  owner @{user_config_dirs}/wesnoth-[0-9]*/{,**} rw,
-
-  owner @{HOME}/.Xauthority r,
-
-  /etc/machine-id r,
-  /var/lib/dbus/machine-id r,
-
-  owner @{HOME}/.icons/default/index.theme r,
-  /usr/share/icons/*/index.theme r,
-
-  include if exists <local/games-wesnoth>
-}

apparmor.d/profiles-g-l/games-wesnoth-sh

@@ -1,26 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/3.0>,
-
-include <tunables/global>
-
-@{exec_path} = /usr/games/wesnoth-[0-9]*{-nolog,-smalgui,_editor} /usr/games/wesnoth-nolog
-profile games-wesnoth-sh @{exec_path} {
-  include <abstractions/base>
-
-  @{exec_path} r,
-  @{bin}/{,ba,da}sh       rix,
-
-  /usr/games/wesnoth{,-[0-9]*} rPx,
-
-  # For the editor
-  @{bin}/basename         rix,
-  @{bin}/sed              rix,
-
-  # file_inherit
-  owner @{HOME}/.xsession-errors w,
-
-  include if exists <local/games-wesnoth-sh>
-}