=== modified file 'profiles/apparmor.d/abstractions/X'
Index: profiles/apparmor.d/abstractions/X
===================================================================
--- profiles/apparmor.d/abstractions/X.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/X	2014-10-18 13:11:31.097494817 +0200
@@ -23,9 +23,7 @@
 
   # the unix socket to use to connect to the display
   /tmp/.X11-unix/*           w,
-  unix (connect, receive, send)
-       type=stream
-       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
+  unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
 
   /usr/include/X11/               r,
   /usr/include/X11/**             r,
Index: profiles/apparmor.d/abstractions/dbus-accessibility-strict
===================================================================
--- profiles/apparmor.d/abstractions/dbus-accessibility-strict.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/dbus-accessibility-strict	2014-10-18 13:11:31.098494805 +0200
@@ -9,9 +9,4 @@
 #
 # ------------------------------------------------------------------
 
-  dbus send
-       bus=accessibility
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-       peer=(name=org.freedesktop.DBus),
+  dbus send bus=accessibility path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
Index: profiles/apparmor.d/abstractions/dbus-session-strict
===================================================================
--- profiles/apparmor.d/abstractions/dbus-session-strict.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/dbus-session-strict	2014-10-18 13:11:31.098494805 +0200
@@ -13,13 +13,6 @@
   /etc/machine-id r,
   /var/lib/dbus/machine-id r,
 
-  unix (connect, receive, send)
-       type=stream
-       peer=(addr="@/tmp/dbus-*"),
+  unix (connect, receive, send) type=stream peer=(addr="@/tmp/dbus-*"),
 
-  dbus send
-       bus=session
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-       peer=(name=org.freedesktop.DBus),
+  dbus send bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
Index: profiles/apparmor.d/abstractions/dbus-strict
===================================================================
--- profiles/apparmor.d/abstractions/dbus-strict.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/dbus-strict	2014-10-18 13:11:31.098494805 +0200
@@ -11,9 +11,4 @@
 
   /{,var/}run/dbus/system_bus_socket rw,
 
-  dbus send
-       bus=system
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-       peer=(name=org.freedesktop.DBus),
+  dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
Index: profiles/apparmor.d/abstractions/ubuntu-unity7-base
===================================================================
--- profiles/apparmor.d/abstractions/ubuntu-unity7-base.orig	2014-10-18 13:11:18.497652337 +0200
+++ profiles/apparmor.d/abstractions/ubuntu-unity7-base	2014-10-18 13:11:31.098494805 +0200
@@ -16,41 +16,16 @@
 #include <abstractions/gnome>
 
   # Allow connecting to session bus and where to connect to services
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=Hello
-       peer=(name=org.freedesktop.DBus),
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/{db,DB}us
-       interface=org.freedesktop.DBus
-       member={Add,Remove}Match
-       peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=Hello peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=session path=/org/freedesktop/{db,DB}us interface=org.freedesktop.DBus member={Add,Remove}Match peer=(name=org.freedesktop.DBus),
   # NameHasOwner and GetNameOwner could leak running processes and apps
   # depending on how services are implemented
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=GetNameOwner
-       peer=(name=org.freedesktop.DBus),
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=NameHasOwner
-       peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=GetNameOwner peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=NameHasOwner peer=(name=org.freedesktop.DBus),
 
   # Allow starting services on the session bus (actual communications with
   # the service are mediated elsewhere)
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=StartServiceByName
-       peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=StartServiceByName peer=(name=org.freedesktop.DBus),
 
   # Allow connecting to system bus and where to connect to services. Put these
   # here so we don't need to repeat these rules in multiple places (actual
@@ -58,108 +33,47 @@
   # allow apps to brute-force enumerate system services, but our system
   # services aren't a secret.
   /{,var/}run/dbus/system_bus_socket rw,
-  dbus (send)
-       bus=system
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=Hello
-       peer=(name=org.freedesktop.DBus),
-  dbus (send)
-       bus=system
-       path=/org/freedesktop/{db,DB}us
-       interface=org.freedesktop.DBus
-       member={Add,Remove}Match
-       peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=Hello peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=system path=/org/freedesktop/{db,DB}us interface=org.freedesktop.DBus member={Add,Remove}Match peer=(name=org.freedesktop.DBus),
   # NameHasOwner and GetNameOwner could leak running processes and apps
   # depending on how services are implemented
-  dbus (send)
-       bus=system
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=GetNameOwner
-       peer=(name=org.freedesktop.DBus),
-  dbus (send)
-       bus=system
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member=NameHasOwner
-       peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=GetNameOwner peer=(name=org.freedesktop.DBus),
+  dbus (send) bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=NameHasOwner peer=(name=org.freedesktop.DBus),
 
   #
   # Access required for connecting to/communication with Unity HUD
   #
-  dbus (send)
-       bus=session
-       path="/com/canonical/hud",
-  dbus (send)
-       bus=session
-       interface="com.canonical.hud.*",
-  dbus (send)
-       bus=session
-       path="/com/canonical/hud/applications/*",
-  dbus (receive)
-       bus=session
-       path="/com/canonical/hud",
-  dbus (receive)
-       bus=session
-       interface="com.canonical.hud.*",
+  dbus (send) bus=session path="/com/canonical/hud",
+  dbus (send) bus=session interface="com.canonical.hud.*",
+  dbus (send) bus=session path="/com/canonical/hud/applications/*",
+  dbus (receive) bus=session path="/com/canonical/hud",
+  dbus (receive) bus=session interface="com.canonical.hud.*",
 
   #
   # Allow access for connecting to/communication with the appmenu
   #
   # dbusmenu
-  dbus (send)
-       bus=session
-       interface="com.canonical.AppMenu.*",
-  dbus (receive, send)
-        bus=session
-        path=/com/canonical/menu/**,
+  dbus (send) bus=session interface="com.canonical.AppMenu.*",
+  dbus (receive, send) bus=session path=/com/canonical/menu/**,
 
   # gmenu
-  dbus (receive, send)
-       bus=session
-       interface=org.gtk.Actions,
-  dbus (receive, send)
-       bus=session
-       interface=org.gtk.Menus,
+  dbus (receive, send) bus=session interface=org.gtk.Actions,
+  dbus (receive, send) bus=session interface=org.gtk.Menus,
 
   #
   # Access required for using freedesktop notifications
   #
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=GetCapabilities,
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=GetServerInformation,
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=Notify,
-  dbus (receive)
-       bus=session
-       member="Notify"
-       peer=(name="org.freedesktop.DBus"),
-  dbus (receive)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=NotificationClosed,
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=CloseNotification,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=GetCapabilities,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=GetServerInformation,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=Notify,
+  dbus (receive) bus=session member="Notify" peer=(name="org.freedesktop.DBus"),
+  dbus (receive) bus=session path=/org/freedesktop/Notifications member=NotificationClosed,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=CloseNotification,
 
   # accessibility
-  dbus (send)
-       bus=session
-       peer=(name=org.a11y.Bus),
-  dbus (receive)
-       bus=session
-       interface=org.a11y.atspi*,
-  dbus (receive, send)
-       bus=accessibility,
+  dbus (send) bus=session peer=(name=org.a11y.Bus),
+  dbus (receive) bus=session interface=org.a11y.atspi*,
+  dbus (receive, send) bus=accessibility,
 
   #
   # Deny potentially dangerous access
Index: profiles/apparmor.d/abstractions/ubuntu-unity7-launcher
===================================================================
--- profiles/apparmor.d/abstractions/ubuntu-unity7-launcher.orig	2014-10-18 13:11:18.497652337 +0200
+++ profiles/apparmor.d/abstractions/ubuntu-unity7-launcher	2014-10-18 13:11:31.098494805 +0200
@@ -1,7 +1,4 @@
   #
   # Access required for connecting to/communicating with the Unity Launcher
   #
-  dbus (send)
-      bus=session
-      interface="com.canonical.Unity.LauncherEntry"
-      member="Update",
+  dbus (send) bus=session interface="com.canonical.Unity.LauncherEntry" member="Update",
Index: profiles/apparmor.d/abstractions/ubuntu-unity7-messaging
===================================================================
--- profiles/apparmor.d/abstractions/ubuntu-unity7-messaging.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/ubuntu-unity7-messaging	2014-10-18 13:11:31.099494792 +0200
@@ -2,6 +2,4 @@
   # Access required for connecting to/communicating with the Unity messaging
   # indicator
   #
-  dbus (receive, send)
-       bus=session
-       path="/com/canonical/indicator/messages/*",
+  dbus (receive, send) bus=session path="/com/canonical/indicator/messages/*",
Index: profiles/apparmor.d/abstractions/gnome
===================================================================
--- profiles/apparmor.d/abstractions/gnome.orig	2014-10-06 21:06:23.000000000 +0200
+++ profiles/apparmor.d/abstractions/gnome	2014-10-18 13:17:22.661505791 +0200
@@ -88,6 +88,4 @@
 
   # Allow connecting to the GNOME vfs socket (still need corresponding DBus
   # rules)
-  unix (send, receive, connect)
-       type=stream
-       peer=(addr="@/dbus-vfs-daemon/socket-*"),
+  unix (send, receive, connect) type=stream peer=(addr="@/dbus-vfs-daemon/socket-*"),