# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2020-2022 Mikhail Morfikov
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only



  # Systemd: allow to receive any signal from the systemd profiles stack
  signal receive                           peer=@{p_systemd},
  signal receive                           peer=@{p_systemd_user},

  # Allow to receive some signals from new well-known profiles
  signal receive                           peer=btop,
  signal receive                           peer=htop,
  signal receive                           peer=pkill,
  signal receive                           peer=sudo,
  signal receive                           peer=top,
  signal receive set=(cont,term,kill,stop) peer=systemd-shutdown,
  signal receive set=(hup term)            peer=login,
  signal receive set=(hup)                 peer=xinit,
  signal receive set=(term,kill)           peer=gnome-shell,
  signal receive set=(term,kill)           peer=gnome-system-monitor,
  signal receive set=(term,kill)           peer=openbox,
  signal receive set=(term,kill)           peer=su,

  ptrace readby peer=@{p_systemd_coredump},

  @{etc_rw}/localtime r,
  /etc/locale.conf r,

  @{sys}/devices/system/cpu/possible r,

  @{PROC}/sys/kernel/core_pattern r,

  /apparmor/.null rw,

# vim:syntax=apparmor
