apparmor/apparmor-abstractions-no-multiline.diff

=== modified file 'profiles/apparmor.d/abstractions/X'
Index: profiles/apparmor.d/abstractions/X
===================================================================
--- profiles/apparmor.d/abstractions/X.orig	2016-04-22 22:35:12.416535187 +0200
+++ profiles/apparmor.d/abstractions/X	2016-04-22 22:35:46.556500929 +0200
@@ -25,12 +25,8 @@
 
   # the unix socket to use to connect to the display
   /tmp/.X11-unix/* rw,
-  unix (connect, receive, send)
-       type=stream
-       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
-  unix (connect, receive, send)
-       type=stream
-       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),
+  unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
+  unix (connect, receive, send) type=stream peer=(addr="@/tmp/.ICE-unix/[0-9]*"),
 
   /usr/include/X11/               r,
   /usr/include/X11/**             r,
Index: profiles/apparmor.d/abstractions/dbus-accessibility-strict
===================================================================
--- profiles/apparmor.d/abstractions/dbus-accessibility-strict.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/dbus-accessibility-strict	2014-10-18 13:11:31.098494805 +0200
@@ -9,9 +9,4 @@
 #
 # ------------------------------------------------------------------
 
-  dbus send
-       bus=accessibility
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-       peer=(name=org.freedesktop.DBus),
+  dbus send bus=accessibility path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
Index: profiles/apparmor.d/abstractions/dbus-session-strict
===================================================================
--- profiles/apparmor.d/abstractions/dbus-session-strict.orig	2017-01-11 21:20:01.381935015 +0100
+++ profiles/apparmor.d/abstractions/dbus-session-strict	2017-01-11 21:20:07.641905170 +0100
@@ -14,16 +14,9 @@
   /var/lib/dbus/machine-id r,
   owner /run/user/*/bus rw,
 
-  unix (connect, receive, send)
-       type=stream
-       peer=(addr="@/tmp/dbus-*"),
+  unix (connect, receive, send) type=stream peer=(addr="@/tmp/dbus-*"),
 
   # dbus with systemd and --enable-user-session
   owner /run/user/[0-9]*/bus rw,
 
-  dbus send
-       bus=session
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-       peer=(name=org.freedesktop.DBus),
+  dbus send bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
Index: profiles/apparmor.d/abstractions/dbus-strict
===================================================================
--- profiles/apparmor.d/abstractions/dbus-strict.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/dbus-strict	2014-10-18 13:11:31.098494805 +0200
@@ -11,9 +11,4 @@
 
   /{,var/}run/dbus/system_bus_socket rw,
 
-  dbus send
-       bus=system
-       path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-       peer=(name=org.freedesktop.DBus),
+  dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
Index: profiles/apparmor.d/abstractions/fcitx-strict
===================================================================
--- profiles/apparmor.d/abstractions/fcitx-strict.orig	2017-01-11 21:44:55.726947350 +0100
+++ profiles/apparmor.d/abstractions/fcitx-strict	2017-01-11 21:45:02.830914856 +0100
@@ -11,11 +11,6 @@
 
   #include <abstractions/dbus-session-strict>
 
-  dbus send
-      bus=fcitx
-      path=/org/freedesktop/DBus
-      interface=org.freedesktop.DBus
-      member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
-      peer=(name=org.freedesktop.DBus),
+  dbus send bus=fcitx path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName} peer=(name=org.freedesktop.DBus),
 
   owner @{HOME}/.config/fcitx/dbus/* r,
Index: profiles/apparmor.d/abstractions/libpam-systemd
===================================================================
--- profiles/apparmor.d/abstractions/libpam-systemd.orig	2017-01-11 21:47:13.814315855 +0100
+++ profiles/apparmor.d/abstractions/libpam-systemd	2017-01-11 21:47:19.490289904 +0100
@@ -12,8 +12,4 @@
 #include <abstractions/dbus-strict>
 
   # libpam-systemd notifies systemd-logind about session logins/logouts
-  dbus send
-    bus=system
-    path=/org/freedesktop/login1
-    interface=org.freedesktop.login1.Manager
-    member={CreateSession,ReleaseSession},
+  dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.login1.Manager member={CreateSession,ReleaseSession},
Index: profiles/apparmor.d/abstractions/ubuntu-unity7-base
===================================================================
--- profiles/apparmor.d/abstractions/ubuntu-unity7-base.orig	2017-01-11 21:20:07.641905170 +0100
+++ profiles/apparmor.d/abstractions/ubuntu-unity7-base	2017-01-11 21:20:52.197692834 +0100
@@ -21,78 +21,37 @@
   #
   # Access required for connecting to/communication with Unity HUD
   #
-  dbus (send)
-       bus=session
-       path="/com/canonical/hud",
-  dbus (send)
-       bus=session
-       interface="com.canonical.hud.*",
-  dbus (send)
-       bus=session
-       path="/com/canonical/hud/applications/*",
-  dbus (receive)
-       bus=session
-       path="/com/canonical/hud",
-  dbus (receive)
-       bus=session
-       interface="com.canonical.hud.*",
+  dbus (send) bus=session path="/com/canonical/hud",
+  dbus (send) bus=session interface="com.canonical.hud.*",
+  dbus (send) bus=session path="/com/canonical/hud/applications/*",
+  dbus (receive) bus=session path="/com/canonical/hud",
+  dbus (receive) bus=session interface="com.canonical.hud.*",
 
   #
   # Allow access for connecting to/communication with the appmenu
   #
   # dbusmenu
-  dbus (send)
-       bus=session
-       interface="com.canonical.AppMenu.*",
-  dbus (receive, send)
-        bus=session
-        path=/com/canonical/menu/**,
+  dbus (send) bus=session interface="com.canonical.AppMenu.*",
+  dbus (receive, send) bus=session path=/com/canonical/menu/**,
 
   # gmenu
-  dbus (receive, send)
-       bus=session
-       interface=org.gtk.Actions,
-  dbus (receive, send)
-       bus=session
-       interface=org.gtk.Menus,
+  dbus (receive, send) bus=session interface=org.gtk.Actions,
+  dbus (receive, send) bus=session interface=org.gtk.Menus,
 
   #
   # Access required for using freedesktop notifications
   #
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=GetCapabilities,
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=GetServerInformation,
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=Notify,
-  dbus (receive)
-       bus=session
-       member="Notify"
-       peer=(name="org.freedesktop.DBus"),
-  dbus (receive)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=NotificationClosed,
-  dbus (send)
-       bus=session
-       path=/org/freedesktop/Notifications
-       member=CloseNotification,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=GetCapabilities,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=GetServerInformation,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=Notify,
+  dbus (receive) bus=session member="Notify" peer=(name="org.freedesktop.DBus"),
+  dbus (receive) bus=session path=/org/freedesktop/Notifications member=NotificationClosed,
+  dbus (send) bus=session path=/org/freedesktop/Notifications member=CloseNotification,
 
   # accessibility
-  dbus (send)
-       bus=session
-       peer=(name=org.a11y.Bus),
-  dbus (receive)
-       bus=session
-       interface=org.a11y.atspi*,
-  dbus (receive, send)
-       bus=accessibility,
+  dbus (send) bus=session peer=(name=org.a11y.Bus),
+  dbus (receive) bus=session interface=org.a11y.atspi*,
+  dbus (receive, send) bus=accessibility,
 
   #
   # Deny potentially dangerous access
Index: profiles/apparmor.d/abstractions/ubuntu-unity7-launcher
===================================================================
--- profiles/apparmor.d/abstractions/ubuntu-unity7-launcher.orig	2014-10-18 13:11:18.497652337 +0200
+++ profiles/apparmor.d/abstractions/ubuntu-unity7-launcher	2014-10-18 13:11:31.098494805 +0200
@@ -1,7 +1,4 @@
   #
   # Access required for connecting to/communicating with the Unity Launcher
   #
-  dbus (send)
-      bus=session
-      interface="com.canonical.Unity.LauncherEntry"
-      member="Update",
+  dbus (send) bus=session interface="com.canonical.Unity.LauncherEntry" member="Update",
Index: profiles/apparmor.d/abstractions/ubuntu-unity7-messaging
===================================================================
--- profiles/apparmor.d/abstractions/ubuntu-unity7-messaging.orig	2014-10-18 13:11:18.498652324 +0200
+++ profiles/apparmor.d/abstractions/ubuntu-unity7-messaging	2014-10-18 13:11:31.099494792 +0200
@@ -2,6 +2,4 @@
   # Access required for connecting to/communicating with the Unity messaging
   # indicator
   #
-  dbus (receive, send)
-       bus=session
-       path="/com/canonical/indicator/messages/*",
+  dbus (receive, send) bus=session path="/com/canonical/indicator/messages/*",
Index: profiles/apparmor.d/abstractions/gnome
===================================================================
--- profiles/apparmor.d/abstractions/gnome.orig	2014-10-06 21:06:23.000000000 +0200
+++ profiles/apparmor.d/abstractions/gnome	2014-10-18 13:17:22.661505791 +0200
@@ -93,6 +93,4 @@
 
   # Allow connecting to the GNOME vfs socket (still need corresponding DBus
   # rules)
-  unix (send, receive, connect)
-       type=stream
-       peer=(addr="@/dbus-vfs-daemon/socket-*"),
+  unix (send, receive, connect) type=stream peer=(addr="@/dbus-vfs-daemon/socket-*"),