Ubuntu 2204 compatibility

apparmor.d/bin.b2sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "b2sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/b2sum
@@ -19,6 +20,8 @@ profile b2sum /{,usr/}{bin,sbin}/b2sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.b2sum>

apparmor.d/bin.base32

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "base32" GNU coreutil
 ## Tested with coreutils 9.1-1 on Arch Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/base32
@@ -19,6 +20,8 @@ profile base32 /{,usr/}{bin,sbin}/base32 {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.base32>

apparmor.d/bin.base64

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "base64" GNU coreutil
 ## Tested with coreutils 9.1-1 on Arch Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/base64
@@ -19,6 +20,8 @@ profile base64 /{,usr/}{bin,sbin}/base64 {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.base64>

apparmor.d/bin.basename

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "basename" GNU coreutil
 ## Tested with coreutils 9.1-1 on Arch Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/basename
@@ -16,6 +17,7 @@ profile basename /{,usr/}{bin,sbin}/basename {
   # Basic operating necessities
   include <abstractions/base>
   include <abstractions/consoles>
+  /{,usr/}{bin,sbin}/basename mr,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.basename>

apparmor.d/bin.basenc

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "basenc" GNU coreutil
 ## Tested with coreutils 9.1-1 on Arch Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/basenc

apparmor.d/bin.cat

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "cat" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/cat

apparmor.d/bin.cksum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "cksum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Arch Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/cksum
@@ -19,6 +20,8 @@ profile cksum /{,usr/}{bin,sbin}/cksum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.cksum>

apparmor.d/bin.comm

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "comm" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/comm

apparmor.d/bin.cut

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "cut" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/cut

apparmor.d/bin.diff

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "diff" GNU diffutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/diffutils

apparmor.d/bin.dir

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "dir" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/dir
@@ -17,8 +18,9 @@ profile dir /{,usr/}{bin,sbin}/dir {
   include <abstractions/base>
   include <abstractions/consoles>
 
-  # As a coreutil, we might read data from anywhere on the system
-  /** r,
+  # As a coreutil, we might read data from any directory on the system
+  / r,
+  /**/ r,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.dir>

apparmor.d/bin.dirname

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "dirname" GNU coreutil
 ## Tested with coreutils 9.1-1 on Arch Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/dirname
@@ -16,6 +17,7 @@ profile dirname /{,usr/}{bin,sbin}/dirname {
   # Basic operating necessities
   include <abstractions/base>
   include <abstractions/consoles>
+  /{,usr/}{bin,sbin}/dirname mr,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.dirname>

apparmor.d/bin.du

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "du" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/du
@@ -16,9 +17,13 @@ profile du /{,usr/}{bin,sbin}/du {
   # Basic operating necessities
   include <abstractions/base>
   include <abstractions/consoles>
+  /{,usr/}{bin,sbin}/du mr,
 
-  # As a coreutil, we might read data from anywhere on the system
-  /** r,
+  capability dac_read_search,
+
+  # As a coreutil, we might read data from any directory on the system
+  / r,
+  /**/ r,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.du>

apparmor.d/bin.echo

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "echo" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/echo

apparmor.d/bin.file

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "file" utility
 ## Tested with file 5.43-1 on Artix Linux
+##             file 5.41-3 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://darwinsys.com/file/
@@ -19,6 +20,7 @@ profile file /{,usr/}{bin,sbin}/file {
 
   # As a general utility, we might read data from anywhere on the system
   /** r,
+  capability dac_read_search,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.file>

apparmor.d/bin.grep

@@ -3,6 +3,7 @@
 ## AppArmor profile for the "grep" GNU utility
 ## Tested with: grep 3.8-2 on Artix Linux
 ##              grep 3.8-2 on Arch Linux
+##              grep 3.7-1build1 on Ubuntu 22.04
 ## Profile authors: EarthlySkies <[email protected]>
 ## Profile license: the MIT license
 ## Target program : https://gnu.org/software/grep
@@ -16,8 +17,11 @@ profile grep /{,usr/}{bin,sbin}/grep {
 
   # Basic operating necessities
   include <abstractions/base>
+  include <abstractions/consoles>
   /{,usr/}{bin,sbin}/grep mr,
 
+  capability dac_read_search,
+
   # We need this, since in addition to reading from stdin, grep can also be
   # used to read directly from files and those files can be in arbitrary
   # locations anywhere on the system

apparmor.d/bin.head

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "head" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/head

apparmor.d/bin.md5sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "md5sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/md5sum
@@ -19,6 +20,8 @@ profile md5sum /{,usr/}{bin,sbin}/md5sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.md5sum>

apparmor.d/bin.od

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "od" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/od

apparmor.d/bin.sha1sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "sha1sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/sha1sum
@@ -19,6 +20,8 @@ profile sha1sum /{,usr/}{bin,sbin}/sha1sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.sha1sum>

apparmor.d/bin.sha224sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "sha224sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/sha224sum
@@ -19,6 +20,8 @@ profile sha224sum /{,usr/}{bin,sbin}/sha224sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.sha224sum>

apparmor.d/bin.sha256sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "sha256sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/sha256sum
@@ -19,6 +20,8 @@ profile sha256sum /{,usr/}{bin,sbin}/sha256sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.sha256sum>

apparmor.d/bin.sha384sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "sha384sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/sha384sum
@@ -19,6 +20,8 @@ profile sha384sum /{,usr/}{bin,sbin}/sha384sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.sha384sum>

apparmor.d/bin.sha512sum

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "sha512sum" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/sha512sum
@@ -19,6 +20,8 @@ profile sha512sum /{,usr/}{bin,sbin}/sha512sum {
 
   # As a coreutil, we might read data from anywhere on the system
   /** r,
+       capability dac_read_search,
+  deny capability dac_override,
 
   # Site-specific additions and overrides. See local/README for details
   include if exists <local/bin.sha512sum>

apparmor.d/bin.sort

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "sort" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/sort

apparmor.d/bin.strings

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "srings" GNU binutil
 ## Tested with binutils 2.39-3 on Artix Linux
+##             binutils 2.38-4ubuntu2 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/binutils

apparmor.d/bin.tac

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "tac" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/tac

apparmor.d/bin.tail

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "tail" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/tail

apparmor.d/bin.wc

@@ -2,6 +2,7 @@
 ##-----------------------------------------------------------------------------
 ## AppArmor profile for the "wc" GNU coreutil
 ## Tested with coreutils 9.1-1 on Artix Linux
+##             coreutils 8.32-4.1ubuntu1 on Ubuntu 22.04
 ## Profile author: EarthlySkies <[email protected]>
 ## Profile license: MIT license
 ## Target program: https://gnu.org/software/coreutils/wc