[apparmor] Need help on defining rules for these two denied "open" operations
Aaron Lewis
the.warl0ck.1989 at gmail.com
Tue Jan 8 06:45:37 UTC 2013
Hi
I'm not sure what type of permission should I grant for "open"? "r"
doesn't work obviously
1. power_supply message,
/sys/class/power_supply r,
/sys/class/power_supply/** r,
But doesn't work:
[ 1947.164421] type=1400 audit(1357627229.206:316): apparmor="DENIED"
operation="open" parent=7081
profile="/usr/lib/virtualbox/VBoxHeadless"
name="/sys/class/power_supply/" pid=10281 comm=4143504920506F6C6C6572
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
2. Reading / writing permission on /dev/shm:
owner /dev/shm/ rw,
owner /dev/shm/** rw,
Doesn't work either, I think it might just be the same thing with above,
type=1400 audit(1357627182.410:313): apparmor="DENIED"
operation="open" parent=7081
profile="/usr/lib/virtualbox/VBoxHeadless" name="/dev/shm/" pid=10275
comm="ShFolders" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
And When it's finished, how am I supposed to upload the profile? I
mean for the community
--
Best Regards,
Aaron Lewis - PGP: 0xDFE6C29E ( http://keyserver.veridis.com )
Finger Print: 9482 448F C7C3 896C 1DFE 7DD3 2492 A7D0 DFE6 C29E
More information about the AppArmor
mailing list