From 71ff1744cb635e64b57a3e180dcdea45c3951552 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franc=CC=A7ois=20Bonelle?=
Date: Fri, 25 Aug 2023 18:25:53 +0200
Subject: [PATCH] fix
---
 promtail/apparmor.txt | 35 ++++++++++++++++++-----------------
 1 file changed, 18 insertions(+), 17 deletions(-)
diff --git a/promtail/apparmor.txt b/promtail/apparmor.txt
index 96c40a2..b3ea9da 100644
--- a/promtail/apparmor.txt
+++ b/promtail/apparmor.txt
@@ -26,28 +26,29 @@ profile hassio_promtail flags=(attach_disconnected,mediate_deleted) {
 # S6-Overlay
 /init rix,
 /bin/** rix,
- @{do_usr}/bin/** rix,
- @{do_usr}/sbin/** rix,
- @{do_etc}/* rw,
+ /usr/bin/** rix,
+ /usr/sbin/** rix,
 @{do_etc}/s6*/** r,
 @{do_etc}/fix-attrs.d/{,**} r,
 @{do_etc}/cont-{init,finish}.d/{,**} rwix,
 @{do_etc}/services.d/{,**} rwix,
- @{do_etc}/ssl/openssl.cnf r,
- @{do_etc}/{group,hosts,passwd} r,
- @{do_etc}/{host,nsswitch,resolv}.conf r,
 @{do_run}/{s6,s6-rc*,service}/** rix,
 @{do_run}/{,**} rwk,
 @{do_usr}/lib/locale/{,**} r,
- @{do_usr}/share/{,**} r,
+ @{do_etc}/ssl/openssl.cnf r,
+ @{do_etc}/{group,hosts,passwd} r,
+ @{do_etc}/{host,nsswitch,resolv}.conf r,
 /dev/tty rw,
 /dev/null k,
- /var/cache/{,**} rw,
 /command/** rix,
 /package/** rix,
+ @{do_etc}/* rw,
+ @{do_usr}/share/{,**} r,
+ /var/cache/{,**} rw,
+
 # Bashio
- @{do_usr}/lib/bashio/** ix,
+ /usr/lib/bashio/** ix,
 /tmp/** rw,
 # Options.json & addon data
@@ -61,11 +62,11 @@ profile hassio_promtail flags=(attach_disconnected,mediate_deleted) {
 @{journald} r,
 # Programs
- @{do_usr}/bin/promtail cx -> promtail_profile,
- @{do_usr}/bin/yq Cx,
- @{do_usr}/sbin/dpkg-reconfigure Cx,
+ /usr/bin/promtail cx -> promtail,
+ /usr/bin/yq Cx,
+ /usr/sbin/dpkg-reconfigure Cx,
- profile promtail_profile flags=(attach_disconnected,mediate_deleted) {
+ profile promtail flags=(attach_disconnected,mediate_deleted) {
 include
 # Receive signals from s6
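Review bot: The `@{do_etc}/* rw,` rule that this hunk moves to the end of the S6-Overlay block matches every file directly inside the etc directory, so the `@{do_etc}/{group,hosts,passwd} r,` and `@{do_etc}/{host,nsswitch,resolv}.conf r,` lines placed above it do not keep those files read-only. AppArmor grants the union of all matching rules, which leaves anything running under this profile able to rewrite `passwd`, `hosts` and `resolv.conf`. If write access is needed only for particular files, replace the wildcard with one `@{do_etc}/<file> rw,` line per file the init scripts actually write (placeholder; that set is not visible here). This assumes `@{do_etc}` expands to the etc directory; its definition and the opening of `hassio_promtail` lie outside the hunk.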
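Review bot: `/usr/sbin/dpkg-reconfigure Cx,` transitions into a child profile whose only file rule, visible in the last hunk of this patch, is `/** rwlkmix,`, so any process under `hassio_promtail` that can start that binary gains read, write, link, lock, mmap and inherit-execute on every path. That makes the tight rule lists for the `promtail` and `yq` children easy to sidestep from the parent. Consider running the child in complain mode once and replacing `/**` with the paths the audit log records. If the breadth is deliberate, say so above the rule, e.g. `# dpkg-reconfigure child allows /** rwlkmix on purpose; narrow once required paths are known`. The `hassio_promtail` profile body extends beyond this hunk on both sides.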
@@ -91,13 +92,13 @@ profile hassio_promtail flags=(attach_disconnected,mediate_deleted) {
 @{journald} r,
 # Runtime usage
- /usr/bin/promtail rm,
+ /usr/bin/promtail rm,
 @{do_etc}/{hosts,passwd} r,
 @{do_etc}/{resolv,nsswitch}.conf r,
 @{PROC}/sys/net/core/somaxconn r,
 @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 /dev/null k,
- @{do_etc}/ssl/certs/** r,
+ @{do_etc}/ssl/certs/** r,
 }
 profile /usr/bin/yq flags=(attach_disconnected,mediate_deleted) {
@@ -109,7 +110,7 @@ profile hassio_promtail flags=(attach_disconnected,mediate_deleted) {
 /share/** r,
 # Runtime usage
- /usr/bin/yq rm,
+ /usr/bin/yq rm,
 @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 /dev/null k,
 }
@@ -117,6 +118,6 @@ profile hassio_promtail flags=(attach_disconnected,mediate_deleted) {
 profile /usr/sbin/dpkg-reconfigure flags=(attach_disconnected,mediate_deleted) {
 include
- /** rwlkmix,
+ /** rwlkmix,
 }
 }
\ No newline at end of file