From 4b3888751a5aef6259f756e5ea9b6b1aada1c194 Mon Sep 17 00:00:00 2001
From: Jamie Strandboge <jamie@ubuntu.com>
Date: Wed, 3 May 2017 16:04:05 -0500
Subject: [PATCH] don't var/ alternation with systemd

---
 profiles/apparmor.d/abstractions/base | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/profiles/apparmor.d/abstractions/base b/profiles/apparmor.d/abstractions/base
index 86ba550b1..6ecf92a79 100644
--- a/profiles/apparmor.d/abstractions/base
+++ b/profiles/apparmor.d/abstractions/base
@@ -33,13 +33,13 @@
   /usr/share/zoneinfo/           r,
   /usr/share/zoneinfo/**         r,
   /usr/share/X11/locale/**       r,
-  /{,var/}run/systemd/journal/dev-log w,
+  /run/systemd/journal/dev-log w,
   # systemd native journal API (see sd_journal_print(4))
-  /{,var/}run/systemd/journal/socket w,
+  /run/systemd/journal/socket w,
   # Nested containers and anything using systemd-cat need this. 'r' shouldn't
   # be required but applications fail without it. journald doesn't leak
   # anything when reading so this is ok.
-  /{,var/}run/systemd/journal/stdout rw,
+  /run/systemd/journal/stdout rw,
 
   /usr/lib{,32,64}/locale/**             mr,
   /usr/lib{,32,64}/gconv/*.so            mr,