From aba2d18eb345ea58ff3e2b26a2a34e590c76a6b6 Mon Sep 17 00:00:00 2001
From: Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>
Date: Tue, 3 Dec 2024 10:49:29 -0330
Subject: [PATCH] Merge with other profile

---
 profiles/apparmor.d/lsblk | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/profiles/apparmor.d/lsblk b/profiles/apparmor.d/lsblk
index 3099fe949..0e275eae3 100644
--- a/profiles/apparmor.d/lsblk
+++ b/profiles/apparmor.d/lsblk
@@ -15,21 +15,26 @@ include <tunables/global>
 
 profile lsblk /usr/bin/lsblk {
   include <abstractions/base>
+  include <abstractions/consoles>
+  include <abstractions/nameservice-strict>
+
+  capability dac_read_search,
 
   @{sys}/block/ r,
+  @{sys}/class/block/ r,
   @{sys}/dev/block/ r,
+
   @{sys}/devices/pci[0-9]*:[0-9]*/** r,
   @{sys}/devices/virtual/** r,
+  @{sys}/devices/platform/** r,
+
+  /dev/sr[0-9]* rk,
 
-  @{run}/mount/** r,
   @{run}/udev/data/** r,
 
+  @{run}/mount/** r,
   @{PROC}/swaps r,
-  @{PROC}/*/mountinfo r,
-
-  /etc/nsswitch.conf r,
-  /etc/passwd r,
-  /etc/group r,
+  owner @{PROC}/@{pid}/mountinfo r,
 
   include if exists <local/lsblk>
 }