[apparmor] [PATCH] Entirely rework the Pidgin profile.
simon.deziel at gmail.com
Tue Mar 25 21:52:22 UTC 2014
On 14-03-25 05:43 PM, John Johansen wrote:
> On 03/10/2014 08:34 AM, intrigeri at debian.org wrote:
>> From: intrigeri <intrigeri at boum.org>
>> Thanks a lot to Simon Deziel <simon.deziel at gmail.com> for working on this
>> with me.
> So this is looking pretty good to me, I have even installed it and fired up
> pidgin on trusty
Thanks for giving it a try.
> I got rejects for
> [ 4563.864233] type=1400 audit(1395773475.248:552): apparmor="DENIED" operation="open" profile="/usr/bin/pidgin" name="/home/jj/.local/share/applications/wine/" pid=4958 comm="gvfs-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
> which has me wondering what its doing poke at wine, I was thinking of
> adding a deny for that, but I'd like to here what you think first
I have no clue why it does that and also feel a deny rule makes sense.
> [ 350.085941] type=1400 audit(1395769265.052:129): apparmor="DENIED" operation="ptrace" profile="/usr/bin/pidgin" pid=3057 comm="pidgin" target=642240A40288FFFF642240A40288FFFF10C440A40288FFFF10C440A40288FFFF20C440A40288FFFF20C440A40288FFFF4206
> the ptrace one is showing a bug in the trusty kernel at least for the
> target name so I'd say ignore it at the moment
More information about the AppArmor