From e4a986096f87bcca5398747037de1e362ea60ae1 Mon Sep 17 00:00:00 2001
From: EricLin0509 <143688917+EricLin0509@users.noreply.github.com>
Date: Thu, 12 Sep 2024 18:59:25 +0800
Subject: [PATCH] Add support for linuxqq (#474)

---
 apparmor.d/profiles-g-l/linuxqq | 58 +++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 apparmor.d/profiles-g-l/linuxqq

diff --git a/apparmor.d/profiles-g-l/linuxqq b/apparmor.d/profiles-g-l/linuxqq
new file mode 100644
index 00000000..64045843
--- /dev/null
+++ b/apparmor.d/profiles-g-l/linuxqq
@@ -0,0 +1,58 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 EricLin <ericlin050914@gmail.com>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{name} = QQ
+@{lib_dirs} = /opt/QQ/
+@{config_dirs} = @{user_config_dirs}/@{name}
+@{cache_dirs} = @{user_cache_dirs}/@{name}
+
+@{exec_path} = @{bin}/linuxqq
+@{exec_path} += /opt/QQ/qq
+profile linuxqq @{exec_path} flags=(attach_disconnected) {
+    include <abstractions/base>
+    include <abstractions/nameservice-strict>
+    include <abstractions/common/electron>
+    include <abstractions/graphics>
+    include <abstractions/ssl_certs>
+    include <abstractions/fontconfig-cache-read>
+    include <abstractions/audio-client>
+
+    network netlink raw,
+    network netlink dgram,
+    network inet stream,
+    network inet dgram,
+    network inet6 dgram,
+    network inet6 stream,
+
+    @{exec_path} mr,
+
+    @{sh_path}  r,
+    @{bin}/find rix,
+    @{bin}/rm   rix,
+    @{bin}/xdg-open rix,
+    @{bin}/grep rix,
+    /opt/QQ/qq ix,
+    /opt/QQ/chrome_crashpad_handler ix,
+
+    @{lib_dirs}/resources/app/{,**} m,
+
+    /etc/machine-id r,
+
+    @{run}/systemd/inhibit/@{int}.ref rw,
+    @{run}/utmp r,
+
+    owner @{PROC}/@{pid}/loginuid r,
+    owner @{PROC}/@{pid}/mounts r,
+    owner @{PROC}/@{pid}/cmdline r,
+
+    /dev/tty rw,
+    /dev/pts/@{int} rw,
+
+    include if exists <local/linuxqq>
+}
+