[apparmor] profiling pidgin
Me Self
wmsopou at gmail.com
Wed Apr 27 12:57:40 UTC 2016
After profiling pidgin with aa-genprof it wont start up.
So I did aa-compain on pidgin, started pidgin and then ran aa-logprof.
aa-logprof didnt find anything new.
Inspecting the kern.log myself while starting pidgin in complain mode I
only find two DENIEDs:
Apr 27 14:39:41 boat kernel: [90301.537887] audit: type=1400
audit(1461760781.869:1955): apparmor="DENIED" operation="connect"
profile="/usr/bin/pidgin" pid=24003 comm="pidgin" family="unix"
sock_type="stream" protocol=0 requested_mask="send receive connect"
denied_mask="send connect" addr=none peer_addr="@/tmp/.X11-unix/X0"
peer="unconfined"
Apr 27 14:40:22 boat kernel: [90342.547209] audit: type=1400
audit(1461760822.878:1956): apparmor="DENIED" operation="connect"
profile="/usr/bin/pidgin" pid=24013 comm="pidgin" family="unix"
sock_type="stream" protocol=0 requested_mask="send receive connect"
denied_mask="send connect" addr=none peer_addr="@/tmp/.X11-unix/X0"
peer="unconfined"
Could these be blocking the app in enforce mode? and why isnt aa-logprof
picking it up?
The profile looks like this:
# Last Modified: Wed Apr 27 14:38:00 2016
#include <tunables/global>
/usr/bin/pidgin flags=(complain) {
#include <abstractions/base>
network inet dgram,
network inet stream,
network inet6 dgram,
network netlink raw,
ptrace trace peer=unconfined,
/dev/ r,
/dev/shm/ r,
/dev/shm/* rw,
/etc/fonts/** r,
/etc/gai.conf r,
/etc/gnome/defaults.list r,
/etc/host.conf r,
/etc/hosts r,
/etc/machine-id r,
/etc/nsswitch.conf r,
/etc/passwd r,
/etc/pulse/client.conf r,
/home/*/.Xauthority r,
/home/*/.cache/gstreamer-1.0/registry.x86_64.bin r,
/home/*/.config/dconf/user r,
/home/*/.config/enchant/ r,
/home/*/.config/enchant/* rw,
/home/*/.config/ibus/** r,
/home/*/.config/ibus/bus/ w,
/home/*/.local/share/applications/ r,
/home/*/.local/share/icons/ r,
/home/*/.purple/* rw,
/home/*/.purple/certificates/x509/** rw,
/home/*/.purple/logs/irc/** w,
/home/*/.purple/plugins/ r,
/home/*/.purple/smileys/ r,
/proc/*/status r,
/run/dbus/system_bus_socket r,
/run/resolvconf/resolv.conf r,
/run/user/1000/* rw,
/run/user/1000/dconf/user rw,
/sys/devices/system/cpu/ r,
/sys/devices/system/node/ r,
/sys/devices/system/node/node0/meminfo r,
/tmp/ r,
/usr/bin/pidgin mr,
/usr/local/share/fonts/ r,
/usr/share/applications/ r,
/usr/share/applications/mimeinfo.cache r,
/usr/share/applications/pidgin.desktop r,
/usr/share/enchant/enchant.ordering r,
/usr/share/fontconfig/** r,
/usr/share/fonts/ r,
/usr/share/fonts/** r,
/usr/share/glib-2.0/schemas/gschemas.compiled r,
/usr/share/gnome/applications/ r,
/usr/share/hunspell/* r,
/usr/share/icons/ r,
/usr/share/icons/** r,
/usr/share/mime/mime.cache r,
/usr/share/pixmaps/ r,
/usr/share/pixmaps/pidgin/** r,
/usr/share/poppler/**/ r,
/usr/share/sounds/purple/* r,
/usr/share/themes/ r,
/usr/share/themes/** r,
/usr/share/ubuntu/applications/ r,
/var/cache/fontconfig/* r,
/var/tmp/ r,
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160427/5428eaae/attachment.html>
More information about the AppArmor
mailing list