[apparmor] profiling pidgin
Me Self
wmsopou at gmail.com
Wed Apr 27 13:02:32 UTC 2016
btw this is on Ubuntu 16.04. apparmor 2.10.95-0ubuntu2
On Wed, Apr 27, 2016 at 2:57 PM, Me Self <wmsopou at gmail.com> wrote:
>
> After profiling pidgin with aa-genprof it wont start up.
>
> So I did aa-compain on pidgin, started pidgin and then ran aa-logprof.
>
> aa-logprof didnt find anything new.
>
> Inspecting the kern.log myself while starting pidgin in complain mode I
> only find two DENIEDs:
>
> Apr 27 14:39:41 boat kernel: [90301.537887] audit: type=1400
> audit(1461760781.869:1955): apparmor="DENIED" operation="connect"
> profile="/usr/bin/pidgin" pid=24003 comm="pidgin" family="unix"
> sock_type="stream" protocol=0 requested_mask="send receive connect"
> denied_mask="send connect" addr=none peer_addr="@/tmp/.X11-unix/X0"
> peer="unconfined"
>
> Apr 27 14:40:22 boat kernel: [90342.547209] audit: type=1400
> audit(1461760822.878:1956): apparmor="DENIED" operation="connect"
> profile="/usr/bin/pidgin" pid=24013 comm="pidgin" family="unix"
> sock_type="stream" protocol=0 requested_mask="send receive connect"
> denied_mask="send connect" addr=none peer_addr="@/tmp/.X11-unix/X0"
> peer="unconfined"
>
> Could these be blocking the app in enforce mode? and why isnt aa-logprof
> picking it up?
>
> The profile looks like this:
>
> # Last Modified: Wed Apr 27 14:38:00 2016
> #include <tunables/global>
>
> /usr/bin/pidgin flags=(complain) {
> #include <abstractions/base>
>
> network inet dgram,
> network inet stream,
> network inet6 dgram,
> network netlink raw,
>
> ptrace trace peer=unconfined,
>
> /dev/ r,
> /dev/shm/ r,
> /dev/shm/* rw,
> /etc/fonts/** r,
> /etc/gai.conf r,
> /etc/gnome/defaults.list r,
> /etc/host.conf r,
> /etc/hosts r,
> /etc/machine-id r,
> /etc/nsswitch.conf r,
> /etc/passwd r,
> /etc/pulse/client.conf r,
> /home/*/.Xauthority r,
> /home/*/.cache/gstreamer-1.0/registry.x86_64.bin r,
> /home/*/.config/dconf/user r,
> /home/*/.config/enchant/ r,
> /home/*/.config/enchant/* rw,
> /home/*/.config/ibus/** r,
> /home/*/.config/ibus/bus/ w,
> /home/*/.local/share/applications/ r,
> /home/*/.local/share/icons/ r,
> /home/*/.purple/* rw,
> /home/*/.purple/certificates/x509/** rw,
> /home/*/.purple/logs/irc/** w,
> /home/*/.purple/plugins/ r,
> /home/*/.purple/smileys/ r,
> /proc/*/status r,
> /run/dbus/system_bus_socket r,
> /run/resolvconf/resolv.conf r,
> /run/user/1000/* rw,
> /run/user/1000/dconf/user rw,
> /sys/devices/system/cpu/ r,
> /sys/devices/system/node/ r,
> /sys/devices/system/node/node0/meminfo r,
> /tmp/ r,
> /usr/bin/pidgin mr,
> /usr/local/share/fonts/ r,
> /usr/share/applications/ r,
> /usr/share/applications/mimeinfo.cache r,
> /usr/share/applications/pidgin.desktop r,
> /usr/share/enchant/enchant.ordering r,
> /usr/share/fontconfig/** r,
> /usr/share/fonts/ r,
> /usr/share/fonts/** r,
> /usr/share/glib-2.0/schemas/gschemas.compiled r,
> /usr/share/gnome/applications/ r,
> /usr/share/hunspell/* r,
> /usr/share/icons/ r,
> /usr/share/icons/** r,
> /usr/share/mime/mime.cache r,
> /usr/share/pixmaps/ r,
> /usr/share/pixmaps/pidgin/** r,
> /usr/share/poppler/**/ r,
> /usr/share/sounds/purple/* r,
> /usr/share/themes/ r,
> /usr/share/themes/** r,
> /usr/share/ubuntu/applications/ r,
> /var/cache/fontconfig/* r,
> /var/tmp/ r,
>
> }
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160427/7f07d659/attachment.html>
More information about the AppArmor
mailing list