From cfe69dd66900f7aad5311c02d2b4ee7b400fb90b Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Fri, 20 Dec 2019 22:44:27 +0000
Subject: [PATCH 1/2] Delete usr.lib.security-misc.permission-lockdown

---
 .../usr.lib.security-misc.permission-lockdown | 42 -------------------
 1 file changed, 42 deletions(-)
 delete mode 100644 etc/apparmor.d/usr.lib.security-misc.permission-lockdown

diff --git a/etc/apparmor.d/usr.lib.security-misc.permission-lockdown b/etc/apparmor.d/usr.lib.security-misc.permission-lockdown
deleted file mode 100644
index cffcb0d8..00000000
--- a/etc/apparmor.d/usr.lib.security-misc.permission-lockdown
+++ /dev/null
@@ -1,42 +0,0 @@
-## Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
-## See the file COPYING for copying conditions.
-
-#include <tunables/global>
-
-/usr/lib/security-misc/permission-lockdown flags=(attach_disconnected) {
-  #include <abstractions/base>
-  #include <abstractions/bash>
-
-  capability dac_override,
-  capability dac_read_search,
-  capability fowner,
-  capability fsetid,
-
-  /bin/bash rix,
-  /usr/bin/bash rix,
-  /bin/chmod mrix,
-  /bin/echo mrix,
-  /bin/mkdir mrix,
-  /bin/touch mrix,
-  /usr/bin/chmod mrix,
-  /usr/bin/basename mrix,
-  /usr/bin/touch mrix,
-  /usr/lib/security-misc/permission-lockdown r,
-
-  /home/*/ w,
-
-  /{usr/,}lib{,32,64}/** mr,
-
-  /etc/ld.so.cache r,
-  owner /etc/locale.alias r,
-  owner /etc/nsswitch.conf r,
-  owner /etc/passwd r,
-
-  owner /var/cache/security-misc/state-files/ rw,
-  owner /var/cache/security-misc/state-files/* rw,
-
-  /dev/tty rw,
-  /dev/pts/[0-9]* rw,
-
-  #include <local/usr.lib.security-misc.permission-lockdown>
-}

From c28ddf5c4dbfd92aba9a59874f529a4afe69c497 Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Fri, 20 Dec 2019 22:44:31 +0000
Subject: [PATCH 2/2] Delete usr.lib.security-misc.pam_tally2-info

---
 .../usr.lib.security-misc.pam_tally2-info     | 42 -------------------
 1 file changed, 42 deletions(-)
 delete mode 100644 etc/apparmor.d/usr.lib.security-misc.pam_tally2-info

diff --git a/etc/apparmor.d/usr.lib.security-misc.pam_tally2-info b/etc/apparmor.d/usr.lib.security-misc.pam_tally2-info
deleted file mode 100644
index 50803fb8..00000000
--- a/etc/apparmor.d/usr.lib.security-misc.pam_tally2-info
+++ /dev/null
@@ -1,42 +0,0 @@
-## Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
-## See the file COPYING for copying conditions.
-
-#include <tunables/global>
-
-/usr/lib/security-misc/pam_tally2-info flags=(attach_disconnected) {
-  #include <abstractions/base>
-  #include <abstractions/bash>
-
-  capability dac_override,
-  capability dac_read_search,
-
-  /bin/bash ix,
-  /bin/cat mrix,
-  /usr/bin/cat mrix,
-  /bin/grep mrix,
-  /usr/bin/id rix,
-  /usr/bin/cut mrix,
-  /usr/bin/tail mrix,
-  /sbin/pam_tally2 mrix,
-  /usr/sbin/pam_tally2 mrix,
-  /usr/lib/security-misc/pam_tally2-info r,
-
-  /etc/ld.so.cache r,
-  /etc/locale.alias r,
-
-  /{usr/,}lib{,32,64}/** mr,
-
-  owner /etc/nsswitch.conf r,
-  owner /etc/pam.d/* r,
-  owner /etc/passwd r,
-  owner /etc/group r,
-  owner /etc/securetty r,
-
-  owner /usr/share/zoneinfo/** r,
-  owner /var/log/tallylog rw,
-
-  /dev/tty rw,
-  owner /dev/pts/[0-9]* rw,
-
-  #include <local/usr.lib.security-misc.pam_tally2-info>
-}