* debian/patches:

[sojka/debian/lightdm.git] / debian / patches / 02_fix-apparmor-profile.patch

--- a/data/apparmor/abstractions/lightdm_chromium-browser
+++ b/data/apparmor/abstractions/lightdm_chromium-browser
@@ -8,6 +8,7 @@
 # provided in abstractions/lightdm, this abstraction must be separate from
 # abstractions/lightdm.
 
+  /usr/lib/chromium/chromium Cx -> chromium,
   /usr/lib/chromium-browser/chromium-browser Cx -> chromium,
   /usr/bin/webapp-container Cx -> chromium,
   /usr/bin/webbrowser-app Cx -> chromium,
@@ -53,6 +54,7 @@
 
     /selinux/ r,
 
+    /usr/lib/chromium/chrome-sandbox ix,
     /usr/lib/chromium-browser/chromium-browser-sandbox ix,
     /usr/lib/@{multiarch}/oxide-qt/chrome-sandbox ix,
     /opt/google/chrome-*/chrome-sandbox ix,
--- a/data/apparmor/abstractions/lightdm
+++ b/data/apparmor/abstractions/lightdm
@@ -27,7 +27,7 @@
   owner /dev/shm/** rmw,
   /etc/ r,
   /etc/** rmk,
-  /etc/gdm/Xsession ix,
+  /etc/X11/Xsession ix,
   /lib/ r,
   /lib/** rmixk,
   /lib32/ r,
@@ -68,6 +68,7 @@
   # necessary for writing to sockets, etc.
   /{,var/}run/** rmkix,
   /{,var/}run/shm/** wl,
+  /{,var/}run/uuid/request w,
   # libpam-xdg-support/logind
   owner /{,var/}run/user/*/** rw,