From 004dc61959dea60032a48b3e9cc45eec91e82201 Mon Sep 17 00:00:00 2001
From: Evan Caville <evan.caville@canonical.com>
Date: Fri, 2 May 2025 09:48:20 +1000
Subject: [PATCH] profiles/apparmor.d: remove file access

Signed-off-by: Evan Caville <evan.caville@canonical.com>
---
 profiles/apparmor.d/ssh-keyscan | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/profiles/apparmor.d/ssh-keyscan b/profiles/apparmor.d/ssh-keyscan
index a71012c05..7b05bfbbf 100644
--- a/profiles/apparmor.d/ssh-keyscan
+++ b/profiles/apparmor.d/ssh-keyscan
@@ -21,9 +21,6 @@ profile ssh-keyscan /usr/bin/ssh-keyscan {
   network inet6 stream,
   network netlink raw,
 
-  # By default, limit file options to the following dirs
-  file r @{HOME}/.ssh/{,**},
-
   # Allow executable mapping and read for the binary
   file mr /usr/bin/ssh-keyscan,