From aca065a208ffeed28d215e492098c9c979c07c23 Mon Sep 17 00:00:00 2001
From: Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com>
Date: Fri, 4 Oct 2024 17:19:47 +0200
Subject: [PATCH] apparmor.d/tnftp: add missing @{HOME} rule

---
 profiles/apparmor.d/tnftp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/profiles/apparmor.d/tnftp b/profiles/apparmor.d/tnftp
index 0c0977f91..0ccefcb98 100644
--- a/profiles/apparmor.d/tnftp
+++ b/profiles/apparmor.d/tnftp
@@ -34,6 +34,10 @@ profile tnftp /usr/bin/tnftp {
   # required for the pager (less, more) to work
   file Cx /usr/bin/dash,
 
+  # allow read on anything on @{HOME} not explicitly denied
+  owner file r @{HOME},
+  owner file r @{HOME}/**,
+
   # Sub-profile for the pager to work
   profile dash /usr/bin/dash {
     include <abstractions/base>