From f807d5a190bf8fc15b7677b213af3f97e0adc494 Mon Sep 17 00:00:00 2001 From: Jeroen Rijken Date: Sat, 24 Feb 2024 11:17:57 +0100 Subject: [PATCH] Deduplicate and revert Signed-off-by: Jeroen Rijken --- apparmor.d/abstractions/systemd-common | 7 ------ apparmor.d/profiles-a-f/bluetoothd | 34 ++------------------------ 2 files changed, 2 insertions(+), 39 deletions(-) diff --git a/apparmor.d/abstractions/systemd-common b/apparmor.d/abstractions/systemd-common index e459c1b9..1de28a91 100644 --- a/apparmor.d/abstractions/systemd-common +++ b/apparmor.d/abstractions/systemd-common @@ -3,14 +3,8 @@ # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only - capability sys_ptrace, - ptrace (read) peer=@{systemd}, - owner @{lib}/systemd/{,systemd} r, - - owner @{run}/systemd/system/ r, - @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r, @{sys}/fs/cgroup/system.slice/@{profile_name}.service/memory.pressure rw, @@ -20,7 +14,6 @@ @{PROC}/cmdline r, @{PROC}/sys/kernel/osrelease r, @{PROC}/sys/kernel/random/boot_id r, - owner @{PROC}/filesystems r, owner @{PROC}/@{pid}/stat r, /dev/kmsg w, diff --git a/apparmor.d/profiles-a-f/bluetoothd b/apparmor.d/profiles-a-f/bluetoothd index b9938d46..17f79222 100644 --- a/apparmor.d/profiles-a-f/bluetoothd +++ b/apparmor.d/profiles-a-f/bluetoothd 
@@ -28,22 +28,7 @@ profile bluetoothd @{exec_path} flags=(attach_disconnected) { dbus receive bus=system path=/ interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects - peer=(name=:*, label=brave), - - dbus receive bus=system path=/ - interface=org.freedesktop.DBus.ObjectManager - member=GetManagedObjects - peer=(name=:*, label=NetworkManager), - - dbus receive bus=system path=/ - interface=org.freedesktop.DBus.ObjectManager - member=GetManagedObjects - peer=(name=:*, label=pulseaudio), - - dbus receive bus=system path=/ - interface=org.freedesktop.DBus.ObjectManager - member=GetManagedObjects - peer=(name=:*, label=upowerd), + peer=(name=:*, label="{brave,NetworkManager,pulseaudio,upowerd}"), dbus send bus=system path=/MediaEndpoint interface=org.freedesktop.DBus.ObjectManager @@ -63,22 +48,7 @@ profile bluetoothd @{exec_path} flags=(attach_disconnected) { dbus send bus=system path=/ interface=org.freedesktop.DBus.ObjectManager member=InterfacesRemoved - peer=(name=org.freedesktop.DBus, label=fwupd), - - dbus send bus=system path=/ - interface=org.freedesktop.DBus.ObjectManager - member=InterfacesRemoved - peer=(name=org.freedesktop.DBus, label=NetworkManager), - - dbus send bus=system path=/ - interface=org.freedesktop.DBus.ObjectManager - member=InterfacesRemoved - peer=(name=org.freedesktop.DBus, label=pulseaudio), - - dbus send bus=system path=/ - interface=org.freedesktop.DBus.ObjectManager - member=InterfacesRemoved - peer=(name=org.freedesktop.DBus, label=upowerd), + peer=(name=org.freedesktop.DBus, label="{jwupd,NetworkManager,pulseaudio,upowerd}"), @{exec_path} mr,
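Review bot: The merged peer label in the second bluetoothd hunk (the `InterfacesRemoved` send rule) reads `jwupd`, but the first of the four rules it replaces named `label=fwupd`, so this looks like a typo introduced while deduplicating. As written, the alternation no longer matches a peer confined under the fwupd label, so bluetoothd would lose the permission the old rule granted. The parser will most likely accept the unknown label without complaint, so the regression would only show up as a D-Bus denial in the audit log. The line should read `peer=(name=org.freedesktop.DBus, label="{fwupd,NetworkManager,pulseaudio,upowerd}"),`. The enclosing `profile bluetoothd` block starts and ends outside the hunk, so check whether other rules in the profile repeat the misspelt label.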