# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2020-2022 Mikhail Morfikov
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only

  # abstract path in ibus < 1.5.22 uses /tmp
  unix (connect, receive, send)
      type=stream
      peer=(addr="@/tmp/ibus/dbus-????????"),

  #aa:lint ignore=tunables
  # abstract path in ibus >= 1.5.22 uses $XDG_CACHE_HOME (ie, @{user_cache_dirs})
  # This should use this, but due to LP: #1856738 we cannot
  #unix (connect, receive, send)
  #    type=stream
  #    peer=(addr="@@{user_cache_dirs}/ibus/dbus-????????"),
  unix (connect, receive, send)
      type=stream
      peer=(addr="@/home/*/.cache/ibus/dbus-????????"),
  unix (connect, send, receive, accept, bind, listen)
       type=stream
       addr="@/home/*/.cache/ibus/dbus-????????",

  dbus receive bus=session path=/org/freedesktop/IBus
       interface=org.freedesktop.DBus.Peer
       member=Ping
       peer=(name=@{busname}, label=ibus-daemon),

  owner @{user_cache_dirs}/ibus/dbus-@{rand8} rw,

# vim:syntax=apparmor
