fix(profile): remove deprecated & never enabled profiles.

apparmor.d/profiles-a-f/code

@@ -1,105 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/3.0>,
-
-include <tunables/global>
-
-@{code_config_dirs} = @{user_config_dirs}/Code* @{HOME}/.vscode{,-oss}
-
-@{exec_path} = @{lib}/electron@{int}/electron
-profile code flags=(attach_disconnected) {
-  include <abstractions/base>
-  include <abstractions/chromium-common>
-  include <abstractions/dconf-write>
-  include <abstractions/desktop>
-  include <abstractions/fontconfig-cache-read>
-  include <abstractions/graphics>
-  include <abstractions/nameservice-strict>
-  include <abstractions/ssl_certs>
-
-  capability sys_ptrace,
-
-  network inet stream,
-  network inet6 stream,
-  network inet dgram,
-  network inet6 dgram,
-  network netlink raw,
-
-  signal (send),
-
-  @{exec_path} mrix,
-
-  @{lib}/code/node_modules.asar.unpacked/**.node rm,
-
-  # Core tools
-  @{bin}/git                    rPx,
-  @{bin}/gpg{,2}                rPx,
-  @{bin}/lsb_release            rPx -> lsb_release,
-  @{bin}/rg                     rix,
-  @{open_path}                  rPx -> child-open,
-
-  # The shell is not confined on purpose.
-  @{bin}/@{shells}              rUx,
-
-  # Confine some common tools
-  @{lib}/code/extensions/git/dist/askpass.sh     rPx,
-  @{lib}/code/extensions/git/dist/git-editor.sh  rPx,
-
-  # Do NOT confine most of the extensions
-  @{bin}/[a-z0-9]*                   rPUx,
-  @{code_config_dirs}/extensions/**  rPUx,
-  @{HOME}/.go/bin/*                  rPUx,
-  @{lib}/go/bin/*                    rPUx,
-  @{bin}/python3.@{int}               rUx,
-
-  /etc/shells r,
-  /etc/lsb-release r,
-
-  owner @{HOME}/@{XDG_SSH_DIR}/config r,
-
-  owner @{code_config_dirs}/** rwkl -> @{code_config_dirs}/**,
-
-  owner @{user_projects_dirs}/ r,
-  owner @{user_projects_dirs}/** rwkl -> @{user_projects_dirs}/**,
-
-  owner @{tmp}/@{uuid} rw,
-  owner @{tmp}/vscode-*/{,**} rw,
-  owner @{tmp}/vscode-ipc-@{uuid}.sock rw,
-
-  owner @{run}/user/@{uid}/vscode-@{hex}-*-{shared,main}.sock rw,
-  owner @{run}/user/@{uid}/vscode-git-@{hex}.sock rw,
-  owner @{run}/user/@{uid}/git-graph-askpass-[a-zA-Z0-9]*.sock rw,
-
-  @{run}/systemd/inhibit/*.ref rw,
-
-  @{sys}/devices/system/cpu/present r,
-  @{sys}/devices/system/cpu/kernel_max r,
-  @{sys}/devices/virtual/tty/tty@{int}/active r,
-
-        @{PROC}/ r,
-        @{PROC}/@{pid}/fd/ r,
-        @{PROC}/@{pid}/stat r,
-        @{PROC}/loadavg r,
-        @{PROC}/sys/fs/inotify/max_user_watches r,
-        @{PROC}/sys/kernel/yama/ptrace_scope r,
-        @{PROC}/version r,
-  owner @{PROC}/@{pid}/cgroup r,
-  owner @{PROC}/@{pid}/cmdline r,
-  owner @{PROC}/@{pid}/comm w,
-  owner @{PROC}/@{pid}/mountinfo r,
-  owner @{PROC}/@{pid}/mounts r,
-  owner @{PROC}/@{pid}/oom_score_adj rw,
-  owner @{PROC}/@{pid}/statm r,
-  owner @{PROC}/@{pids}/clear_refs w,
-  owner @{PROC}/@{pids}/task/ r,
-  owner @{PROC}/@{pids}/task/@{tid}/status r,
-
-  deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,
-
-  include if exists <local/code>
-}
-
-# vim:syntax=apparmor

apparmor.d/profiles-a-f/code-wrapper

@@ -1,27 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/3.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/code{,-oss}
-profile code-wrapper @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/consoles>
-
-  @{exec_path} r,
-
-  @{sh_path}                      rix,
-  @{lib}/electron@{int}/electron  rPx -> code,
-
-  owner @{user_config_dirs}/code-flags.conf r,
-  owner @{user_config_dirs}/electron@{int}-flags.conf r,
-
-  deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,
-
-  include if exists <local/code-wrapper>
-}
-
-# vim:syntax=apparmor