# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2025 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only

# Check login session observe & login session control

  abi <abi/4.0>,

  dbus receive bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.login1.Manager
       member={SessionNew,UserNew,SeatNew}
       peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),

  dbus receive bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.login1.Manager
       member={SessionRemoved,UserRemoved,SeatRemoved}
       peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),

  dbus receive bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.login1.Manager
       member={PrepareForShutdow,PrepareForSleep}
       peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),

  dbus send bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.login1.Manager
       member={ListSeats,ListSessions,ListUsers}
       peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),

  dbus send bus=system path=/org/freedesktop/login1
       interface=org.freedesktop.login1.Manager
       member={GetSeat,GetSessions,GetSessionByPID,GetUsers}
       peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),

  include if exists <abstractions/login-observe.d>

# vim:syntax=apparmor
