From bdfe50b9988c0183c4d98343b43087a0b2dc79cf Mon Sep 17 00:00:00 2001
From: Jonas Witschel <diabonas@archlinux.org>
Date: Sun, 12 Jul 2020 20:10:39 +0200
Subject: [PATCH] AppArmor: silence sys_admin capability

This permission is unsuccessfully requested during every start of Tor
Browser 9.5.3, silence it for cleaner logs.
---
 apparmor/torbrowser.Browser.firefox | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apparmor/torbrowser.Browser.firefox b/apparmor/torbrowser.Browser.firefox
index ece3159..4363cdf 100644
--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
@@ -124,6 +124,7 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
   deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
   deny /run/user/[0-9]*/dconf/user rw,
   deny /usr/bin/lsb_release x,
+  deny capability sys_admin,
 
   # Silence denial logs about PulseAudio
   deny /etc/pulse/client.conf r,
-- 
2.44.0