# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2020-2022 Mikhail Morfikov
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only

  @{bin}/ r,
  @{python_path} mr,

        @{user_lib_dirs}/@{python_name}/                         r,
  owner @{user_lib_dirs}/@{python_name}/**.{egg,py,pyi,pth}      r,
  owner @{user_lib_dirs}/@{python_name}/**.{pyc,so}              mr,
  owner @{user_lib_dirs}/@{python_name}/{site,dist}-packages/    r,
  owner @{user_lib_dirs}/@{python_name}/{site,dist}-packages/**/ r,


  # Normal python run do not need to update pycache files. It is done by pycompile.
  deny @{lib}/@{python_name}/{,**/}__pycache__/ w,
  deny @{lib}/@{python_name}/{,**/}__pycache__/**.pyc.@{u64} w,

# vim:syntax=apparmor
