From 9a04cd58a65447c95c2d4a83dccfb2cb275c44b4 Mon Sep 17 00:00:00 2001
From: Ryan Lee <ryan.lee@canonical.com>
Date: Tue, 17 Jun 2025 10:26:54 -0700
Subject: [PATCH] profiles: restore exec path rules from profiles where they
 were removed

These profiles don't have an attachment so the path needs to be hardcoded

Fixes: 6e9ff1fa6 ("profiles: update the rest of the profiles to use @{exec_path}")
Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
---
 profiles/apparmor.d/lsb_release     | 3 +++
 profiles/apparmor.d/nvidia_modprobe | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/profiles/apparmor.d/lsb_release b/profiles/apparmor.d/lsb_release
index 6e515cd7d..3d57896f1 100644
--- a/profiles/apparmor.d/lsb_release
+++ b/profiles/apparmor.d/lsb_release
@@ -14,6 +14,9 @@ profile lsb_release {
   include <abstractions/python>
   include <abstractions/terminfo>
 
+  # Hardcode the path due to omission of attachment
+  /usr/bin/lsb_release r,
+
   owner @{PROC}/@{pid}/fd/ r,
 
   /dev/tty rw,
diff --git a/profiles/apparmor.d/nvidia_modprobe b/profiles/apparmor.d/nvidia_modprobe
index 6ba5eb3fa..501ee560e 100644
--- a/profiles/apparmor.d/nvidia_modprobe
+++ b/profiles/apparmor.d/nvidia_modprobe
@@ -15,6 +15,8 @@ profile nvidia_modprobe {
   capability sys_admin,
 
   # Main executable
+  # Hardcode the path due to omission of attachment
+  /usr/bin/nvidia-modprobe mr,
 
   # Other executables