HEX

File: //etc/apparmor.d/ubuntu_pro_apt_news
abi <abi/3.0>,

include <tunables/global>

profile ubuntu_pro_apt_news flags=(attach_disconnected) {
  include <abstractions/base>
  include <abstractions/nameservice>
  include <abstractions/openssl>
  include <abstractions/python>

  # Needed because apt-news calls apt_pkg.init() which tries to
  # switch to the _apt system user/group.
  capability setgid,
  capability setuid,
  capability dac_read_search,

  /etc/apt/** r,
  /etc/default/apport r,
  /etc/ubuntu-advantage/* r,
  /usr/bin/python3.{1,}[0-9] mrix,

  /usr/lib/apt/methods/http mrix,
  /usr/lib/apt/methods/https mrix,
  /usr/lib/ubuntu-advantage/apt_news.py r,
  /usr/share/dpkg/* r,
  /var/log/ubuntu-advantage.log rw,
  /var/lib/ubuntu-advantage/** r,
  /var/lib/ubuntu-advantage/messages/ rw,
  /var/lib/ubuntu-advantage/messages/* rw,
  /run/ubuntu-advantage/ rw,
  /run/ubuntu-advantage/* rw,

  /tmp/** r,

  owner @{PROC}/@{pid}/fd/ r,
  @{PROC}/@{pid}/cgroup r,


}