From 8a3b92cd624d524ae4da90a698e9d36f80ff012f Mon Sep 17 00:00:00 2001
From: Christian Boltz <apparmor@cboltz.de>
Date: Thu, 11 Jun 2020 15:05:14 +0200
Subject: [PATCH] Allow /proc/*/attr/current in dovecot imap and lmtp

This is needed when using the "apparmor" plugin which means dovecot
switches to user-specific hats.

Seen on openSUSE Tumbleweed.

(backported from commit 6a388859f8a3420a8abd5d5d4d86bb0cbf486021)
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 profiles/apparmor.d/usr.lib.dovecot.imap | 2 +-
 profiles/apparmor.d/usr.lib.dovecot.lmtp | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/profiles/apparmor.d/usr.lib.dovecot.imap b/profiles/apparmor.d/usr.lib.dovecot.imap
index 7bc94c312..db3f9e9d8 100644
--- a/profiles/apparmor.d/usr.lib.dovecot.imap
+++ b/profiles/apparmor.d/usr.lib.dovecot.imap
@@ -33,7 +33,7 @@
   /etc/dovecot/conf.d/** r,
 
   owner /tmp/dovecot.imap.* rw,
-
+  @{PROC}/@{pid}/attr/current rw,
   /usr/bin/doveconf rix,
   /usr/lib/dovecot/imap mrix,
   /usr/share/dovecot/** r,
diff --git a/profiles/apparmor.d/usr.lib.dovecot.lmtp b/profiles/apparmor.d/usr.lib.dovecot.lmtp
index 8dd15b835..5ae6e61a9 100644
--- a/profiles/apparmor.d/usr.lib.dovecot.lmtp
+++ b/profiles/apparmor.d/usr.lib.dovecot.lmtp
@@ -28,7 +28,7 @@
   @{DOVECOT_MAILSTORE}/** rwkl,
 
   @{HOME}/.dovecot.svbin r,
-
+  @{PROC}/@{pid}/attr/current rw,
   /proc/*/mounts r,
   /tmp/dovecot.lmtp.* rw,
   /usr/lib/dovecot/lmtp mr,