From f52668628da2a452e72b21c1972d410dbf476540 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Fri, 2 Apr 2021 00:06:05 +0100
Subject: [PATCH] Add gnome-calendar and gnome-contacts.

---
 apparmor.d/groups/gnome/gnome-calendar | 37 ++++++++++++++++++++++++++
 apparmor.d/groups/gnome/gnome-contacts | 30 +++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100644 apparmor.d/groups/gnome/gnome-calendar
 create mode 100644 apparmor.d/groups/gnome/gnome-contacts

diff --git a/apparmor.d/groups/gnome/gnome-calendar b/apparmor.d/groups/gnome/gnome-calendar
new file mode 100644
index 00000000..32fea043
--- /dev/null
+++ b/apparmor.d/groups/gnome/gnome-calendar
@@ -0,0 +1,37 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = /{usr/,}bin/gnome-calendar
+profile gnome-calendar @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/fonts>
+  include <abstractions/nameservice-strict>
+  include <abstractions/ssl_certs>
+  include <abstractions/openssl>
+  include <abstractions/fonts>
+  include <abstractions/gtk>
+
+  network netlink raw,
+
+  @{exec_path} mr,
+
+  /usr/share/glib-2.0/schemas/gschemas.compiled r,
+  /usr/share/icons/{,**} r,
+  /usr/share/X11/xkb/{,**} r,
+
+  owner @{user_share_dirs}/recently-used.xbel r,
+  owner @{user_config_dirs}/user-dirs.dirs r,
+
+  include <abstractions/dconf>
+  owner @{run}/user/[0-9]*/dconf/ rw,
+  owner @{run}/user/[0-9]*/dconf/user rw,
+
+  /run/user/1000/gdm/Xauthority r,
+
+  include if exists <local/gnome-calendar>
+}
diff --git a/apparmor.d/groups/gnome/gnome-contacts b/apparmor.d/groups/gnome/gnome-contacts
new file mode 100644
index 00000000..aec299fb
--- /dev/null
+++ b/apparmor.d/groups/gnome/gnome-contacts
@@ -0,0 +1,30 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = /{usr/,}bin/gnome-contacts
+profile gnome-contacts @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/nameservice-strict>
+  include <abstractions/ssl_certs>
+  include <abstractions/gtk>
+
+  network netlink raw,
+
+  @{exec_path} mr,
+
+  /usr/share/glib-2.0/schemas/gschemas.compiled r,
+
+  owner @{user_share_dirs}/folks/relationships.ini r,
+  /dev/dri/ r,
+
+  include <abstractions/dconf>
+  owner @{run}/user/[0-9]*/dconf/ rw,
+  owner @{run}/user/[0-9]*/dconf/user rw,
+
+  include if exists <local/gnome-contacts>
+}