Missing rules in the wutmp abstraction
Currently the `wutmp` abstraction has the following rules:
/var/log/lastlog rwk,
/var/log/wtmp wk,
@{run}/utmp rwk,
According to what I see in my AppArmor profiles, just a few apps want to interact with the files listed above, especially with `/var/log/wtmp`. But when the apps do this, they sometimes want read access to this file. An example could be the `last` command. Is there any reason for not having the `r` in the rule?
The second thing is the file `/var/log/btmp` (which isn't included in the abstraction). Whenever I see an app that wants to access the `/var/log/wtmp` file, it also tries to interact with the `/var/log/btmp` file, for instance `lightdm`/`sddm` or `su`. Most of the time they need just `wk` permissions, but sometimes apps also need `r` on this file; an example could be the `lastb` command, which is just a link to `last`.
To sum up, it looks like the `wutmp` abstraction should look more like this:
/var/log/lastlog rwk,
/var/log/wtmp rwk,
/var/log/btmp rwk,
@{run}/utmp rwk,
What do you think?
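
One way to check a report like this against a system's own logs, added here as an example and not part of the original post: the script below scans AppArmor `DENIED` audit lines for the utmp-family files and reports which permissions are missing from the abstraction as quoted above. The log lines and profile names are constructed, and `@{run}` is assumed to resolve to `/run`.

```python
import re
from collections import defaultdict

# Rules currently in the abstraction, as quoted in the post
# (assumption: @{run}/utmp is written here as /run/utmp).
CURRENT_RULES = {"/var/log/lastlog": "rwk", "/var/log/wtmp": "wk", "/run/utmp": "rwk"}
# Files of interest: the three above plus btmp, which has no rule at all.
UTMP_FILES = set(CURRENT_RULES) | {"/var/log/btmp"}
# Audit masks report create (c) and delete (d); a rule grants both through w.
MASK_TO_RULE = {"c": "w", "d": "w"}
FIELD = re.compile(r'(\w+)="([^"]*)"')

# Constructed sample audit lines (not taken from a real system).
SAMPLE_LOG = """\
audit: type=1400 audit(1700000000.101:51): apparmor="DENIED" operation="open" profile="last" name="/var/log/wtmp" pid=2101 comm="last" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
audit: type=1400 audit(1700000001.202:52): apparmor="DENIED" operation="open" profile="last" name="/var/log/btmp" pid=2102 comm="lastb" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
audit: type=1400 audit(1700000002.303:53): apparmor="DENIED" operation="open" profile="lightdm" name="/var/log/btmp" pid=2103 comm="lightdm" requested_mask="wc" denied_mask="wc" fsuid=0 ouid=0
audit: type=1400 audit(1700000003.404:54): apparmor="DENIED" operation="file_lock" profile="su" name="/var/log/btmp" pid=2104 comm="su" requested_mask="k" denied_mask="k" fsuid=0 ouid=0
audit: type=1400 audit(1700000004.505:55): apparmor="DENIED" operation="open" profile="su" name="/home/user/notes.txt" pid=2104 comm="su" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
audit: type=1400 audit(1700000005.606:56): apparmor="ALLOWED" operation="open" profile="su" name="/var/log/lastlog" pid=2104 comm="su" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
"""

def missing_permissions(log_text):
    """Return {path: (perms to add, profiles that hit the denial)}."""
    denied, seen_in = defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        path = fields.get("name")
        if fields.get("apparmor") != "DENIED" or path not in UTMP_FILES:
            continue  # skip complain-mode lines and unrelated files
        denied[path].update(MASK_TO_RULE.get(m, m) for m in fields.get("denied_mask", ""))
        seen_in[path].add(fields.get("profile", "?"))
    result = {}
    for path, perms in denied.items():
        missing = perms - set(CURRENT_RULES.get(path, ""))
        if missing:
            # Emit in the order the abstraction uses (r, w, k), then any others.
            ordered = "".join(p for p in "rwk" if p in missing)
            ordered += "".join(sorted(missing - set("rwk")))
            result[path] = (ordered, sorted(seen_in[path]))
    return result

if __name__ == "__main__":
    for path, (perms, profiles) in sorted(missing_permissions(SAMPLE_LOG).items()):
        print(f"{path}: add '{perms}' (denied in: {', '.join(profiles)})")
```
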