From 811494c6cf0cc0a7a96e647ba0f022f4d03713be Mon Sep 17 00:00:00 2001
From: intrigeri <intrigeri@boum.org>
Date: Sat, 22 May 2021 19:21:52 +0000
Subject: [PATCH] AppArmor: Allow reading
 /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us

Roger Shimizu told us it's needed on Debian Buster.
I suppose the "user.slice" path component is not used there.
---
 apparmor/torbrowser.Browser.firefox | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apparmor/torbrowser.Browser.firefox b/apparmor/torbrowser.Browser.firefox
index b086cb7..6882f9d 100644
--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
@@ -102,7 +102,7 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
   /sys/devices/system/cpu/present r,
   /sys/devices/system/node/ r,
   /sys/devices/system/node/node[0-9]*/meminfo r,
-  /sys/fs/cgroup/cpu,cpuacct/user.slice/cpu.cfs_quota_us r,
+  /sys/fs/cgroup/cpu,cpuacct/{,user.slice/}cpu.cfs_quota_us r,
   deny /sys/devices/virtual/block/*/uevent r,
 
   # Should use abstractions/gstreamer instead once merged upstream
-- 
2.44.0