[apparmor] [PATCH 1/3] Allow Totem to read /etc/wildmidi/wildmidi.cfg.
Jamie Strandboge
jamie at canonical.com
Wed Oct 9 14:55:53 UTC 2013
On 10/09/2013 09:33 AM, intrigeri wrote:
> Hi again,
>
> Steve Beattie wrote (09 Oct 2013 13:39:17 GMT) :
>> Hrm. Actually, looking more closely at all three permissions in this
>> patch series, I think they're all caused by gstreamer, at least from
>> looking at the reverse dependencies on ubuntu 13.10. All three should
>> probably move to the audio abstraction or a gstreamer specific
>> abstraction, I think.
>
> Now that I think of it, I do agree. Will do, stay tuned.
>
> In the current state of the profiles we have (e.g. Totem already uses
> the audio abstraction), I see little gain in creating a dedicated
> gstreamer abstraction. So, unless anyone raises a reason that
> I missed, I guess I'll just move these few lines to the audio
> abstraction. Thoughts?
>
> (I had totally overlooked the existence of an audio abstraction: when
> I grepped for "gst" in my system's apparmor.d, I found other profiles
> that allowed running gst-plugin-scanner, so I didn't look any further,
> and did just the same for Totem. Sorry I didn't put this all into
> perspective. This mistake should hopefully teach me and help improve
> my future contributions.)
>
gst-plugin-scanner is actually used for audio and video codecs so keeping it out
of the audio profile makes some degree of sense. I'm also not a huge fan of
adding ix rules to the upstream abstractions unless we absolutely have to, so
would prefer if the ix was left in the totem profile. If others strongly
disagree, I could be convinced otherwise.
FYI, I don't think this needs to be done now, but I've found the audio
abstraction a bit wide in modern distributions and I will probably be proposing
a patch set in the future that breaks both gstreamer and pulseaudio out into
their own abstractions, and have audio #include them. At that time, perhaps I
may also propose a named profile for gst-plugin-scanner, but I want to think
about that some more.
--
Jamie Strandboge http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20131009/d9982588/attachment-0001.pgp>
More information about the AppArmor
mailing list