From dd1b3b16e263f4b8c33cee4d64793c7dea1d3b12 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Fri, 15 Mar 2024 16:18:44 +0000
Subject: [PATCH] feat(profile): move gcr tools.

---
 apparmor.d/groups/gnome/gcr-prompter           | 18 ++++++++++++++++++
 apparmor.d/groups/{ssh => gnome}/gcr-ssh-agent |  2 +-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 apparmor.d/groups/gnome/gcr-prompter
 rename apparmor.d/groups/{ssh => gnome}/gcr-ssh-agent (92%)

diff --git a/apparmor.d/groups/gnome/gcr-prompter b/apparmor.d/groups/gnome/gcr-prompter
new file mode 100644
index 00000000..4ecc0c0d
--- /dev/null
+++ b/apparmor.d/groups/gnome/gcr-prompter
@@ -0,0 +1,18 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{lib}/gcr-prompter
+profile gcr-prompter @{exec_path} {
+  include <abstractions/base>
+
+  @{exec_path} mr,
+
+  owner @{HOME}/@{XDG_SSH_DIR}/ r,
+
+  include if exists <local/gcr-prompter>
+}
\ No newline at end of file
diff --git a/apparmor.d/groups/ssh/gcr-ssh-agent b/apparmor.d/groups/gnome/gcr-ssh-agent
similarity index 92%
rename from apparmor.d/groups/ssh/gcr-ssh-agent
rename to apparmor.d/groups/gnome/gcr-ssh-agent
index 261ab8d9..132a1bad 100644
--- a/apparmor.d/groups/ssh/gcr-ssh-agent
+++ b/apparmor.d/groups/gnome/gcr-ssh-agent
@@ -15,7 +15,7 @@ profile gcr-ssh-agent @{exec_path} {
   @{bin}/ssh-agent  rPx,
   @{bin}/ssh-add    rix,
 
-  owner @{HOME}/@{XDG_SSH_DIR}/* r,
+  owner @{HOME}/@{XDG_SSH_DIR}/{,*} r,
 
   owner @{run}/user/@{uid}/ssh-askpass.@{rand6}/{,*} rw,