From f6f051cfa43687a5116ac871d0fbdfd01f3d4b90 Mon Sep 17 00:00:00 2001
From: kytv <kytv@mail.i2p>
Date: Sat, 6 Jun 2015 21:31:38 +0000
Subject: [PATCH] remove unneeded user-tmp abstraction; tighten tmpdir perms

---
 debian/apparmor/i2p | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian/apparmor/i2p b/debian/apparmor/i2p
index 2b548fcb4c..5d4ad3403d 100644
--- a/debian/apparmor/i2p
+++ b/debian/apparmor/i2p
@@ -5,7 +5,6 @@
   #include <abstractions/fonts>
   #include <abstractions/nameservice>
   #include <abstractions/ssl_certs>
-  #include <abstractions/user-tmp>
 
   network inet stream,
   network inet6 stream,
@@ -51,8 +50,9 @@
   /usr/share/java/wrapper*.jar                            r,
 
   # 'm' is needed by the I2P-Bote plugin
-  /{,var/}tmp/                                            rwm,
-  owner /{,var/}tmp/**                                    rwklm,
+  /{,lib/live/mount/overlay/}tmp/                         rwm,
+  owner /{,lib/live/mount/overlay/}tmp/i2p-daemon/        rwm,
+  owner /{,lib/live/mount/overlay/}tmp/i2p-daemon/**      rwklm,
 
   # Prevent spamming the logs
   deny /dev/tty                                           rw,
-- 
GitLab