fix(abstractions, tunables): move vim modeline

Move vim syntax comment to the end of the file, separated by newline, as requested in #380.
2024-11-14 23:43:56 +01:00 · 2024-06-15 16:52:31 +03:00 · 2024-06-15 16:52:31 +03:00 · eb480672f3
commit eb480672f3
parent 6b5475c7f2
134 changed files with 281 additions and 148 deletions
--- a/apparmor.d/abstractions/X-strict
+++ b/apparmor.d/abstractions/X-strict
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # The unix socket to use to connect to the display
  unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
@ -30,3 +29,5 @@
  owner @{run}/user/@{uid}/xauth_@{rand6} rl -> @{run}/user/@{uid}/#@{int},

  include if exists <abstractions/X-strict.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/X.d/complete
+++ b/apparmor.d/abstractions/X.d/complete
@ -2,7 +2,8 @@
 # Copyright (C) 2020-2021 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # Available Xsessions
  /usr/share/xsessions/{,*.desktop} r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app-launcher-root
+++ b/apparmor.d/abstractions/app-launcher-root
@ -2,7 +2,6 @@
 # Copyright (C) 2020-2022 Mikhail Morfikov
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  @{bin}/*                      PUx,
  /usr/local/{s,}bin/*          PUx,
@ -12,4 +11,6 @@
  /usr/                         r,
  /usr/local/{s,}bin/           r,

-  include if exists <abstractions/app-launcher-root.d>
+  include if exists <abstractions/app-launcher-root.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app-launcher-user
+++ b/apparmor.d/abstractions/app-launcher-user
@ -2,7 +2,6 @@
 # Copyright (C) 2020-2022 Mikhail Morfikov
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  @{bin}/*                      PUx,
  /opt/*/**                     PUx,
@ -22,4 +21,6 @@
  /usr/                         r,
  /usr/local/bin/               r,

-  include if exists <abstractions/app-launcher-user.d>
+  include if exists <abstractions/app-launcher-user.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app-open
+++ b/apparmor.d/abstractions/app-open
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Instead of allowing the run of all software in @{bin}/, @{lib} the purpose of
 # this abstraction is to list all GUI program that can open resources.
@ -52,3 +51,5 @@


  include if exists <abstractions/app-open.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/chromium
+++ b/apparmor.d/abstractions/app/chromium
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Full set of rules for all chromium based browsers. It works as a *function*
 # and requires some variables to be provided as *arguments* and set in the
@ -210,3 +209,5 @@
  deny @{user_share_dirs}/gvfs-metadata/* r,

  include if exists <abstractions/app/chromium.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/editor
+++ b/apparmor.d/abstractions/app/editor
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Zane Zakraisek <zz@eng.utah.edu>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/nameservice-strict>

@ -27,3 +26,5 @@
  owner @{user_config_dirs}/vim/{,**} r,

  include if exists <abstractions/app/editor.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/firefox
+++ b/apparmor.d/abstractions/app/firefox
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Full set of rules for all firefox based browsers. It works as a *function*
 # and requires some variables to be provided as *arguments* and set in the
@ -159,3 +158,5 @@
  deny @{run}/user/@{uid}/gnome-shell-disable-extensions w,

  include if exists <abstractions/app/firefox.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/open
+++ b/apparmor.d/abstractions/app/open
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Full set of rules for child-open-* profiles.

@ -14,3 +13,5 @@
  /dev/tty rw,

  include if exists <abstractions/app/open.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/pgrep
+++ b/apparmor.d/abstractions/app/pgrep
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Minimal set of rules for pgrep.

@ -24,3 +23,5 @@
  @{PROC}/uptime r,

  include if exists <abstractions/app/pgrep.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/sudo
+++ b/apparmor.d/abstractions/app/sudo
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Minimal set of rules for sudo. Interactive sudo need more rules.

@ -69,3 +68,5 @@
  deny @{user_share_dirs}/gvfs-metadata/* r,

  include if exists <abstractions/app/sudo.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/app/systemctl
+++ b/apparmor.d/abstractions/app/systemctl
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/bus-system>
  include <abstractions/consoles>
@ -27,3 +26,5 @@
    owner @{PROC}/@{pid}/stat r,

  include if exists <abstractions/app/systemctl.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/audio-client
+++ b/apparmor.d/abstractions/audio-client
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Most programs do not need access to audio devices, audio-client only includes
 # configuration files to be used by client applications.
@ -59,3 +58,5 @@
  owner /dev/shm/pulse-shm-@{int} rw,

  include if exists <abstractions/audio-client.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/audio-server
+++ b/apparmor.d/abstractions/audio-server
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Provide access to audio devices. It should only be used by audio servers that
 # need direct access to them. 
@ -44,3 +43,5 @@
  /dev/sound/*    rw,

  include if exists <abstractions/audio-server.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/audio.d/complete
+++ b/apparmor.d/abstractions/audio.d/complete
@ -2,7 +2,6 @@
 # Copyright (C) 2020-2022 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # PulseAudio module-ladspa-sink (plugin sc4m_1916)
  @{lib}/ladspa/ r,
@ -12,3 +11,5 @@

  @{sys}/class/ r,
  @{sys}/class/sound/ r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/authentication.d/complete
+++ b/apparmor.d/abstractions/authentication.d/complete
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  @{bin}/pam-tmpdir-helper rPx,

@ -13,3 +12,4 @@
  @{lib}/security-misc/pam-abort-on-locked-password rPx,
  @{lib}/security-misc/pam-info rPx,

+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/base.d/complete
+++ b/apparmor.d/abstractions/base.d/complete
@ -2,7 +2,6 @@
 # Copyright (C) 2020-2022 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # Allow to receive some signals from new well-known profiles
  signal (receive)                           peer=btop,
@ -30,3 +29,5 @@
  @{PROC}/sys/kernel/core_pattern r,

  deny /apparmor/.null rw,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bash-strict
+++ b/apparmor.d/abstractions/bash-strict
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # This abstraction is only required when an interactive shell is started.
 # Classic shell scripts do not need it.
@ -34,3 +33,5 @@
  owner @{PROC}/@{pid}/mounts r,

  include if exists <abstractions/bash-strict.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bash.d/complete
+++ b/apparmor.d/abstractions/bash.d/complete
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  /usr/share/bash-completion/{,**} r,

@ -10,3 +9,5 @@

  owner @{HOME}/.alias r,
  owner @{HOME}/.i18n r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus-accessibility
+++ b/apparmor.d/abstractions/bus-accessibility
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=accessibility path=/org/freedesktop/DBus
       interface=org.freedesktop.DBus
@ -18,3 +17,5 @@
  owner @{run}/user/@{uid}/at-spi/bus_@{int} rw,

  include if exists <abstractions/bus-accessibility.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus-session
+++ b/apparmor.d/abstractions/bus-session
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  unix (bind, listen) type=stream addr="@/tmp/dbus-*",
  unix (connect, send, receive, accept) type=stream addr="@/tmp/dbus-*",
@ -26,3 +25,5 @@
  owner @{run}/user/@{uid}/bus rw,

  include if exists <abstractions/bus-session.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus-system
+++ b/apparmor.d/abstractions/bus-system
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/DBus
       interface=org.freedesktop.DBus
@ -16,3 +15,5 @@
  @{run}/dbus/system_bus_socket rw,

  include if exists <abstractions/bus-system.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry
+++ b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Access required for connecting to/communicating with the Unity Launcher

@ -21,3 +20,5 @@
       peer=(name=:*, label=gnome-shell),

  include if exists <abstractions/bus/com.canonical.Unity.LauncherEntry.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/com.canonical.dbusmenu
+++ b/apparmor.d/abstractions/bus/com.canonical.dbusmenu
@ -1,7 +1,8 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor


  include if exists <abstractions/bus/com.canonical.dbusmenu.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1
+++ b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/fi/w1/wpa_supplicant1
       interface=org.freedesktop.DBus.Properties
@ -49,3 +48,5 @@
       peer=(name=:*, label=wpa-supplicant),

  include if exists <abstractions/bus/fi.w1.wpa_supplicant1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles
+++ b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/net/hadess/PowerProfiles
       interface=org.freedesktop.DBus.Properties
@ -9,3 +8,5 @@
       peer=(name=:*, label=power-profiles-daemon),

  include if exists <abstractions/bus/net.hadess.PowerProfiles.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl
+++ b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/net/hadess/SwitcherooControl
       interface=org.freedesktop.DBus.Properties
@ -9,3 +8,5 @@
       peer=(name=:*, label=switcheroo-control),

  include if exists <abstractions/bus/net.hadess.SwitcherooControl.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/net.reactivated.Fprint
+++ b/apparmor.d/abstractions/bus/net.reactivated.Fprint
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/net/reactivated/Fprint/Manager
       interface=net.reactivated.Fprint.Manager
@ -19,3 +18,5 @@
       peer=(name=net.reactivated.Fprint, label=fprintd),

  include if exists <abstractions/bus/net.reactivated.Fprint.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.a11y
+++ b/apparmor.d/abstractions/bus/org.a11y
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # Accessibility bus

@ -43,3 +42,5 @@
       peer=(name=org.a11y.Bus),

  include if exists <abstractions/bus/org.a11y.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.bluez
+++ b/apparmor.d/abstractions/bus/org.bluez
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus receive bus=system path=/
       interface=org.freedesktop.DBus.ObjectManager
@ -44,3 +43,5 @@
       peer=(name=org.bluez, label=bluetoothd),

  include if exists <abstractions/bus/org.bluez.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.Accounts
+++ b/apparmor.d/abstractions/bus/org.freedesktop.Accounts
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/Accounts
       interface=org.freedesktop.Accounts
@ -29,3 +28,5 @@
       peer=(name=:*, label=accounts-daemon),

  include if exists <abstractions/bus/org.freedesktop.Accounts.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.Avahi
+++ b/apparmor.d/abstractions/bus/org.freedesktop.Avahi
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/
       interface=org.freedesktop.DBus.Peer
@ -24,3 +23,5 @@
       peer=(name=:*, label=avahi-daemon),

  include if exists <abstractions/bus/org.freedesktop.Avahi.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager
+++ b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/ColorManager
       interface=org.freedesktop.ColorManager
@ -24,3 +23,5 @@
       peer=(name=:*, label=colord),

  include if exists <abstractions/bus/org.freedesktop.ColorManager.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/FileManager1
       interface=org.freedesktop.DBus.Properties
@ -14,3 +13,5 @@
       peer=(name=:*, label=nautilus),

  include if exists <abstractions/bus/org.freedesktop.FileManager1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2
+++ b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/GeoClue2/Manager
       interface=org.freedesktop.DBus.Properties
@ -34,3 +33,5 @@
       peer=(name=:*, label=geoclue),

  include if exists <abstractions/bus/org.freedesktop.GeoClue2.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/ModemManager1
       interface=org.freedesktop.DBus.ObjectManager
@ -19,3 +18,5 @@
       peer=(name=:*, label=ModemManager),

  include if exists <abstractions/bus/org.freedesktop.ModemManager1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager
+++ b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop
       interface=org.freedesktop.DBus.ObjectManager
@ -74,3 +73,5 @@
       peer=(name="{:*,org.freedesktop.NetworkManager}", label=NetworkManager),

  include if exists <abstractions/bus/org.freedesktop.NetworkManager.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.Notifications
+++ b/apparmor.d/abstractions/bus/org.freedesktop.Notifications
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/Notifications
       interface=org.freedesktop.DBus.Properties
@ -24,3 +23,5 @@
       peer=(name=org.freedesktop.DBus, label=gjs-console),

  include if exists <abstractions/bus/org.freedesktop.Notifications.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit
+++ b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/PackageKit
       interface=org.freedesktop.DBus.Properties
@ -23,3 +22,5 @@
       peer=(name=org.freedesktop.PackageKit, label=packagekitd),

  include if exists <abstractions/bus/org.freedesktop.PackageKit.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority
       interface=org.freedesktop.PolicyKit1.Authority
@ -33,3 +32,5 @@
       peer=(name=:*, label=polkitd),

  include if exists <abstractions/bus/org.freedesktop.PolicyKit1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/RealtimeKit1
       interface=org.freedesktop.DBus.Properties
@ -29,3 +28,5 @@
       peer=(name=org.freedesktop.RealtimeKit1, label=rtkit-daemon),

  include if exists <abstractions/bus/org.freedesktop.RealtimeKit1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver
+++ b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/ScreenSaver
       interface=org.freedesktop.ScreenSaver
@ -9,3 +8,5 @@
       peer=(name=org.freedesktop.ScreenSaver),

  include if exists <abstractions/bus/org.freedesktop.ScreenSaver.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files
+++ b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint
       interface=org.freedesktop.DBus.Peer
@ -14,3 +13,5 @@
       peer=(name=org.freedesktop.Tracker3.Miner.Files, label=tracker-miner),

  include if exists <abstractions/bus/org.freedesktop.Tracker3.Miner.Files.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2
+++ b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/UDisks2
       interface=org.freedesktop.DBus.ObjectManager
@ -54,3 +53,5 @@
       peer=(name="{:*,org.freedesktop.UDisks2}", label=udisksd),

  include if exists <abstractions/bus/org.freedesktop.UDisks2.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.UPower
+++ b/apparmor.d/abstractions/bus/org.freedesktop.UPower
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/UPower
       interface=org.freedesktop.UPower
@ -43,3 +42,5 @@
       peer=(name="{:*,org.freedesktop.UPower}", label=upowerd),

  include if exists <abstractions/bus/org.freedesktop.UPower.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor
+++ b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/background/monitor
       interface=org.freedesktop.DBus.Properties
@ -14,3 +13,5 @@
       peer=(name=:*, label=xdg-desktop-portal),

  include if exists <abstractions/bus/org.freedesktop.background.Monitor.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.hostname1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.hostname1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/hostname1
       interface=org.freedesktop.DBus.Properties
@ -14,3 +13,5 @@
       peer=(name=org.freedesktop.hostname1),

  include if exists <abstractions/bus/org.freedesktop.hostname1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore
+++ b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/impl/portal/PermissionStore
       interface=org.freedesktop.DBus.Properties
@ -14,3 +13,5 @@
       peer=(name=:*, label=xdg-permission-store),

  include if exists <abstractions/bus/org.freedesktop.impl.portal.PermissionStore.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.locale1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.locale1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/locale1
       interface=org.freedesktop.DBus.Properties
@ -13,3 +12,5 @@
       peer=(name=org.freedesktop.locale1),

  include if exists <abstractions/bus/org.freedesktop.locale1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.login1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.login1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.DBus.Properties
@ -34,3 +33,5 @@
       peer=(name=org.freedesktop.login1, label=systemd-logind),

  include if exists <abstractions/bus/org.freedesktop.login1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session
+++ b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.login1.Manager
@ -39,3 +38,5 @@
       peer=(name="{:*,org.freedesktop.login1}", label=systemd-logind),

  include if exists <abstractions/bus/org.freedesktop.login1.Session.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.network1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.network1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/network1
       interface=org.freedesktop.DBus.Properties
@ -9,3 +8,5 @@
       peer=(name=org.freedesktop.network1, label=systemd-networkd),

  include if exists <abstractions/bus/org.freedesktop.network1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop
+++ b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/portal/desktop
       interface=org.freedesktop.DBus.Properties
@ -29,3 +28,5 @@
       peer=(name=:*, label=xdg-desktop-portal),

  include if exists <abstractions/bus/org.freedesktop.portal.Desktop.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.resolve1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.resolve1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/resolve1
       interface=org.freedesktop.resolve1.Manager
@ -9,3 +8,5 @@
       peer=(name="{:*,org.freedesktop.resolve1}", label=systemd-resolved),

  include if exists <abstractions/bus/org.freedesktop.resolve1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.secrets
+++ b/apparmor.d/abstractions/bus/org.freedesktop.secrets
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/secrets{,/**}
       interface=org.freedesktop.DBus.Properties
@ -29,3 +28,5 @@
       peer=(name=:*, label=gnome-keyring-daemon),

  include if exists <abstractions/bus/org.freedesktop.secrets.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/systemd1
       interface=org.freedesktop.DBus.Properties
@ -19,3 +18,5 @@
       peer=(name=org.freedesktop.systemd1),

  include if exists <abstractions/bus/org.freedesktop.systemd1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session
+++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/freedesktop/systemd1
       interface=org.freedesktop.DBus.Properties
@ -19,3 +18,5 @@
       peer=(name="{:*,org.freedesktop.systemd1}", label="@{p_systemd_user}"),

  include if exists <abstractions/bus/org.freedesktop.systemd1-session.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.freedesktop.timedate1
+++ b/apparmor.d/abstractions/bus/org.freedesktop.timedate1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/freedesktop/timedate1
       interface=org.freedesktop.DBus.Properties
@ -20,3 +19,5 @@
       peer=(name=:*, label=systemd-timedated),

  include if exists <abstractions/bus/org.freedesktop.timedate1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1
+++ b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gnome/ArchiveManager1
       interface=org.freedesktop.DBus.Properties
@ -14,3 +13,5 @@
       peer=(name=:*, label=file-roller),

  include if exists <abstractions/bus/org.gnome.ArchiveManager1.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.DisplayManager
+++ b/apparmor.d/abstractions/bus/org.gnome.DisplayManager
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=system path=/org/gnome/DisplayManager/Manager
       interface=org.gnome.DisplayManager.Manager
@ -9,3 +8,5 @@
       peer=(name=:*, label=gdm),

  include if exists <abstractions/bus/org.gnome.DisplayManager.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig
+++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gnome/Mutter/DisplayConfig
       interface=org.gnome.Mutter.DisplayConfig
@ -29,3 +28,5 @@
       peer=(name=:*, label=gnome-shell),

  include if exists <abstractions/bus/org.gnome.Mutter.DisplayConfig.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor
+++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gnome/Mutter/IdleMonitor
       interface=org.freedesktop.DBus.ObjectManager
@ -19,3 +18,5 @@
       peer=(name=:*, label=gnome-shell),

  include if exists <abstractions/bus/org.gnome.Mutter.IdleMonitor.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2
+++ b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gnome/Nautilus/FileOperations2
       interface=org.freedesktop.DBus.Properties
@ -19,3 +18,5 @@
       peer=(name=:*, label=nautilus),

  include if exists <abstractions/bus/org.gnome.Nautilus.FileOperations2.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver
+++ b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gnome/ScreenSaver
       interface=org.freedesktop.DBus.Properties
@ -19,3 +18,5 @@
       peer=(name=:*, label=gjs-console),

  include if exists <abstractions/bus/org.gnome.ScreenSaver.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.SessionManager
+++ b/apparmor.d/abstractions/bus/org.gnome.SessionManager
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # FIXME: Too large, restrict it.

@ -61,3 +60,5 @@
       peer=(name=org.gnome.SessionManager, label=gnome-session-binary),

  include if exists <abstractions/bus/org.gnome.SessionManager.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect
+++ b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gnome/Shell/Introspect
       interface=org.freedesktop.DBus.Properties
@ -29,3 +28,5 @@
       peer=(name=:*, label=gnome-shell),

  include if exists <abstractions/bus/org.gnome.Shell.Introspect.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor
+++ b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor
       interface=org.gtk.Private.RemoteVolumeMonitor
@ -19,3 +18,5 @@
       peer=(name=:*, label=gvfs-*-volume-monitor),

  include if exists <abstractions/bus/org.gtk.Private.RemoteVolumeMonitor.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon
+++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gtk/vfs/Daemon
       interface=org.gtk.vfs.Daemon
@ -9,3 +8,5 @@
       peer=(name=:*, label=gvfsd),

  include if exists <abstractions/bus/org.gtk.vfs.Daemon.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata
+++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gtk/vfs/metadata
       interface=org.freedesktop.DBus.Properties
@ -14,3 +13,5 @@
       peer=(name=:*, label=gvfsd-metadata),

  include if exists <abstractions/bus/org.gtk.vfs.Metadata.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker
+++ b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/org/gtk/vfs/mounttracker
       interface=org.gtk.vfs.MountTracker
@ -19,3 +18,5 @@
       peer=(name=:*, label=gvfsd),

  include if exists <abstractions/bus/org.gtk.vfs.MountTracker.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem
+++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem
@ -1,7 +1,8 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor


  include if exists <abstractions/bus/org.kde.StatusNotifierItem.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher
+++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session path=/StatusNotifierWatcher
       interface=org.freedesktop.DBus.Properties
@ -19,3 +18,5 @@
       peer=(name=org.kde.StatusNotifierWatcher, label=gnome-shell),

  include if exists <abstractions/bus/org.kde.StatusNotifierWatcher.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/bus/org.kde.kwalletd
+++ b/apparmor.d/abstractions/bus/org.kde.kwalletd
@ -1,6 +1,7 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include if exists <abstractions/bus/org.kde.kwalletd.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/app
+++ b/apparmor.d/abstractions/common/app
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor
 # LOGPROF-SUGGEST: no

 # Common rules for applications sandboxed using bwrap.
@ -130,4 +129,6 @@
  /dev/pts/ptmx rw,
  /dev/tty rw,

-  include if exists <abstractions/common/app.d>
+  include if exists <abstractions/common/app.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/apt
+++ b/apparmor.d/abstractions/common/apt
@ -2,7 +2,6 @@
 # Copyright (C) 2019-2021 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  /usr/share/dpkg/cputable r,
  /usr/share/dpkg/tupletable r,
@ -29,4 +28,6 @@
  owner @{tmp}/#@{int} rw,
  owner @{tmp}/clearsigned.message.* rw,

-  include if exists <abstractions/common/apt.d>
+  include if exists <abstractions/common/apt.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/bwrap
+++ b/apparmor.d/abstractions/common/bwrap
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # A minimal set of rules for sandboxed programs using bwrap. 
 # A profile using this abstraction still needs to set:
@ -54,3 +53,5 @@
  owner @{PROC}/@{pid}/uid_map rw,

  include if exists <abstractions/common/bwrap.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/chromium
+++ b/apparmor.d/abstractions/common/chromium
@ -2,7 +2,6 @@
 # Copyright (C) 2022 Mikhail Morfikov
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # This abstraction is for chromium based application. Chromium based browsers
 # need to use abstractions/chromium instead.
@ -40,4 +39,6 @@
  owner @{PROC}/@{pid}/gid_map w,
  owner @{PROC}/@{pid}/uid_map w,

-  include if exists <abstractions/common/chromium.d>
+  include if exists <abstractions/common/chromium.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/electron
+++ b/apparmor.d/abstractions/common/electron
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Minimal set of rules for all electron based UI application. It works as a 
 # *function* and requires some variables to be provided as *arguments* and set 
@ -87,4 +86,6 @@
  owner @{PROC}/@{pid}/task/@{tid}/status r,
  owner @{PROC}/@{pid}/uid_map w, # If kernel.unprivileged_userns_clone = 1

-  include if exists <abstractions/common/electron.d>
+  include if exists <abstractions/common/electron.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/gnome
+++ b/apparmor.d/abstractions/common/gnome
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Minimal set of rules for all gnome based UI application.

@ -25,4 +24,6 @@

  owner @{PROC}/@{pid}/cmdline r,

-  include if exists <abstractions/common/gnome.d>
+  include if exists <abstractions/common/gnome.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/common/systemd
+++ b/apparmor.d/abstractions/common/systemd
@ -2,7 +2,6 @@
 # Copyright (C) 2019-2021 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  ptrace (read) peer=@{p_systemd},

@ -19,4 +18,6 @@

  /dev/kmsg w,

-  include if exists <abstractions/common/systemd.d>
+  include if exists <abstractions/common/systemd.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/crypto.d/complete
+++ b/apparmor.d/abstractions/crypto.d/complete
@ -1,9 +1,10 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/openssl>

  @{etc_ro}/gnutls/config r,
  @{etc_ro}/gnutls/pkcs11.conf r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/dconf-write
+++ b/apparmor.d/abstractions/dconf-write
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Permissions for querying dconf settings with write access; use the dconf
 # abstraction first, and dconf-write only for specific application's profile.
@ -26,3 +25,5 @@
  owner @{run}/user/@{uid}/dconf/user rw,

  include if exists <abstractions/dconf-write.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/deny-sensitive-home
+++ b/apparmor.d/abstractions/deny-sensitive-home
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # DO NOT USE IT WITHOUT EXPLICIT AUTHORISATION FROM THE PROJECT MAINTAINER

@ -50,3 +49,5 @@
  deny @{HOME}/.{,cache/}fontconfig/** mrwl,

  include if exists <abstractions/deny-sensitive-home.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/desktop
+++ b/apparmor.d/abstractions/desktop
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # Unified minimal abstraction for all UI application regardless of the desktop environment.

@ -64,3 +63,5 @@
  owner @{user_share_dirs}/ rw,

  include if exists <abstractions/desktop.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/devices-usb
+++ b/apparmor.d/abstractions/devices-usb
@ -2,7 +2,6 @@
 # Copyright (C) 2021 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  /dev/ r,
  /dev/bus/usb/ r,
@ -23,4 +22,6 @@
  @{run}/udev/data/c16[6,7]:@{int} r,   # USB modems
  @{run}/udev/data/c18[0,8,9]:@{int} r, # USB devices & USB serial converters

-  include if exists <abstractions/devices-usb.d>
+  include if exists <abstractions/devices-usb.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/disks-read
+++ b/apparmor.d/abstractions/disks-read
@ -2,7 +2,6 @@
 # Copyright (C) 2019-2021 Mikhail Morfikov
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # The /sys/ entries probably should be tightened

@ -96,3 +95,5 @@
  @{run}/udev/data/+usb:*      r,     # for disk over usb hub

  include if exists <abstractions/disks-read.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/disks-write
+++ b/apparmor.d/abstractions/disks-write
@ -2,7 +2,6 @@
 # Copyright (C) 2019-2021 Mikhail Morfikov
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # The /sys/ entries probably should be tightened

@ -96,3 +95,5 @@
  @{run}/udev/data/+usb:*      r,     # for disk over usb hub

  include if exists <abstractions/disks-write.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/dri
+++ b/apparmor.d/abstractions/dri
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # The Direct Rendering Infrastructure (DRI) is the framework comprising the modern
 # Linux graphics stack which allows unprivileged user-space programs to issue 
@ -33,3 +32,5 @@
  /dev/dri/renderD129 rw,

  include if exists <abstractions/dri.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/fish
+++ b/apparmor.d/abstractions/fish
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

 # This abstraction is only required when an interactive shell is started.
 # Classic shell scripts do not need it.
@ -13,3 +12,5 @@
  owner @{user_config_dirs}/fish/{,**} r,

  include if exists <abstractions/fish.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/fontconfig-cache-read
+++ b/apparmor.d/abstractions/fontconfig-cache-read
@ -2,7 +2,6 @@
 # Copyright (C) 2018-2021 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # The fontconfig cache can be generated via the following command:
  #   $ fc-cache -f -v
@ -47,3 +46,5 @@
  deny       "@{user_share_dirs}/fonts/**/.uuid{,.NEW,.LCK,.TMP-*}" w,

  include if exists <abstractions/fontconfig-cache-read.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/fontconfig-cache-write
+++ b/apparmor.d/abstractions/fontconfig-cache-write
@ -2,7 +2,6 @@
 # Copyright (C) 2018-2021 Mikhail Morfikov
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  owner @{user_cache_dirs}/fontconfig/ rw,
  owner @{user_cache_dirs}/fontconfig/CACHEDIR.TAG{,.NEW,.LCK,.TMP-*} rw,
@ -40,3 +39,5 @@
   link @{user_share_dirs}/fonts/**/.uuid.LCK -> @{user_share_dirs}/fonts/**/.uuid.TMP-*,

  include if exists <abstractions/fontconfig-cache-write.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/freedesktop.org.d/complete
+++ b/apparmor.d/abstractions/freedesktop.org.d/complete
@ -2,7 +2,6 @@
 # Copyright (C) 2020-2022 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  @{system_share_dirs}/*ubuntu/applications/{,**} r,
  @{system_share_dirs}/gnome/applications/{,**} r,
@ -23,3 +22,5 @@
  /var/lib/snapd/desktop/icons/{,**} r,

  owner @{HOME}/.icons/{,**} r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/gnome-strict
+++ b/apparmor.d/abstractions/gnome-strict
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/fonts>
  include <abstractions/freedesktop.org>
@ -29,3 +28,5 @@
  owner @{user_share_dirs}/ rw,

  include if exists <abstractions/gnome-strict.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/gnome.d/complete
+++ b/apparmor.d/abstractions/gnome.d/complete
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/gtk>

@ -11,3 +10,5 @@
       peer=(name=:*, label=gnome-shell),

  /var/cache/gio-@{int}.@{int}/gnome-mimeapps.list r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/graphics
+++ b/apparmor.d/abstractions/graphics
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/dri>
  include <abstractions/mesa>
@ -21,3 +20,5 @@
  @{sys}/devices/system/node/node@{int}/meminfo r,

  include if exists <abstractions/graphics.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/graphics-full
+++ b/apparmor.d/abstractions/graphics-full
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  include <abstractions/graphics>

@ -10,3 +9,5 @@
  /dev/nvidia-uvm-tools rw,

  include if exists <abstractions/graphics-full.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/gstreamer
+++ b/apparmor.d/abstractions/gstreamer
@ -2,7 +2,6 @@
 # Copyright (C) 2019-2021 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  @{lib}/@{multiarch}/libproxy/*/modules/*.so mr,
  @{lib}/@{multiarch}/libvisual-[0-9].[0-9]/*/*.so mr,
@ -55,3 +54,5 @@
  /dev/dri/ r,

  include if exists <abstractions/gstreamer.d>
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/gtk.d/complete
+++ b/apparmor.d/abstractions/gtk.d/complete
@ -1,7 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  dbus send bus=session
       interface=org.gtk.Actions
@ -41,3 +40,5 @@
  owner @{user_config_dirs}/gtk-{3,4}.0/servers r,
  owner @{user_config_dirs}/gtk-{3,4}.0/settings.ini r,
  owner @{user_config_dirs}/gtk-{3,4}.0/window_decorations.css r,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/ibus.d/complete
+++ b/apparmor.d/abstractions/ibus.d/complete
@ -2,7 +2,6 @@
 # Copyright (C) 2020-2022 Mikhail Morfikov
 # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  # abstract path in ibus < 1.5.22 uses /tmp
  unix (connect, receive, send)
@ -23,3 +22,5 @@
       addr="@/home/*/.cache/ibus/dbus-????????",

  owner @{user_cache_dirs}/ibus/dbus-@{rand8} rw,
+
+# vim:syntax=apparmor
--- a/apparmor.d/abstractions/kde-open5.d/complete
+++ b/apparmor.d/abstractions/kde-open5.d/complete
@ -1,10 +1,11 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
-# vim:syntax=apparmor

  @{bin}/kde-open rix,

  owner @{user_config_dirs}/menus/{,**} r,

  owner @{run}/user/@{uid}/kioclient*.@{int}.kioworker.socket rwl -> @{run}/user/@{uid}/#@{int},
+
+# vim:syntax=apparmor
--- a/Show More
+++ b/Show More