From 9dc3de1c22f83527722b5dd13ca7ef5456668c8e Mon Sep 17 00:00:00 2001
From: Zeyad Gouda <zeyad.gouda@canonical.com>
Date: Fri, 25 Oct 2024 11:18:51 +0300
Subject: [PATCH] interfaces/default: allow owner read on
 @{PROC}/@{pid}/sessionid

This is used by auditd, and is generally safe to expose.

Signed-off-by: Zeyad Gouda <zeyad.gouda@canonical.com>
---
 interfaces/apparmor/template.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/interfaces/apparmor/template.go b/interfaces/apparmor/template.go
index 415b6f447a7..49f314ea49f 100644
--- a/interfaces/apparmor/template.go
+++ b/interfaces/apparmor/template.go
@@ -267,6 +267,7 @@ var templateCommon = `
   @{PROC}/@{pid}/io r,
   owner @{PROC}/@{pid}/limits r,
   owner @{PROC}/@{pid}/loginuid r,
+  owner @{PROC}/@{pid}/sessionid r,
   @{PROC}/@{pid}/smaps r,
   @{PROC}/@{pid}/stat r,
   @{PROC}/@{pid}/statm r,