From 00ad8e594e6d757a02caccc3638b44741c903cc4 Mon Sep 17 00:00:00 2001
From: Viktor Villainov
Date: Sat, 9 Mar 2019 08:15:14 -0500
Subject: [PATCH 1/2] Add AppArmor profile
---
 contrib/apparmor/usr.bin.yggdrasil | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 contrib/apparmor/usr.bin.yggdrasil
diff --git a/contrib/apparmor/usr.bin.yggdrasil b/contrib/apparmor/usr.bin.yggdrasil
new file mode 100644
index 0000000..2d178d6
--- /dev/null
+++ b/contrib/apparmor/usr.bin.yggdrasil
@@ -0,0 +1,22 @@
+# Last Modified: Sat Mar 9 06:08:02 2019
+#include
+
+/usr/bin/yggdrasil {
+ #include
+
+ capability net_admin,
+
+ network inet stream,
+ network inet6 dgram,
+ network inet6 stream,
+ network netlink raw,
+
+ /lib/x86_64-linux-gnu/ld-*.so mr,
+ /proc/sys/net/core/somaxconn r,
+ /dev/net/tun rw,
+
+ /usr/bin/yggdrasil mr,
+ /etc/yggdrasil.conf rw,
+ /run/yggdrasil.sock rw,
+
+}
From f5c6c191ea6d52173716f77ab4204345d2c4f8ab Mon Sep 17 00:00:00 2001
From: Viktor Villainov
Date: Sat, 9 Mar 2019 22:34:26 -0500
Subject: [PATCH 2/2] AppArmor: multiarch support and allow datagram transports
---
 contrib/apparmor/usr.bin.yggdrasil | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/contrib/apparmor/usr.bin.yggdrasil b/contrib/apparmor/usr.bin.yggdrasil
index 2d178d6..e31a27b 100644
--- a/contrib/apparmor/usr.bin.yggdrasil
+++ b/contrib/apparmor/usr.bin.yggdrasil
@@ -7,11 +7,12 @@
 capability net_admin,
 network inet stream,
+ network inet dgram,
 network inet6 dgram,
 network inet6 stream,
 network netlink raw,
- /lib/x86_64-linux-gnu/ld-*.so mr,
+ /lib/@{multiarch}/ld-*.so mr,
 /proc/sys/net/core/somaxconn r,
 /dev/net/tun rw,
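Review bot: `/etc/yggdrasil.conf rw,` in the new profile lets the confined daemon rewrite its own configuration, which is broader than confinement usually needs. If the daemon only reads that file at start-up (not visible from this patch), tighten the rule to `/etc/yggdrasil.conf r,` so a compromised process cannot make persistent changes to its settings. The rule groups also carry no comments; a short line above each, such as `# TUN adapter setup` over `capability net_admin,` and `/dev/net/tun rw,`, and `# admin socket` over `/run/yggdrasil.sock rw,`, would let maintainers judge later whether a rule can be dropped. The `# Last Modified` header suggests the rules were generated from observed behaviour, so it is worth recording which configuration was exercised, since untested features may be denied under enforcement.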
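Review bot: `@{multiarch}` in the rewritten `ld-*.so` rule is only defined when the profile preamble pulls in the tunables (normally `#include <tunables/global>`). That preamble sits above this hunk, so confirm the include is present, since an undefined variable typically makes the parser refuse to load the profile and the binary would then run unconfined. The added `network inet dgram,` would also benefit from a comment such as `# datagram (UDP) transports over IPv4`, so the reason the rule was opened stays with the file rather than only in the commit subject.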