[apparmor] [profile] Firefox: DENIED "m" access to /home/user/.nv folder.

Simon McVittie simon.mcvittie at collabora.co.uk
Wed Jan 25 16:09:13 UTC 2017


On Wed, 25 Jan 2017 at 12:56:57 +0100, daniel curtis wrote:
> As you have noticed: "the filename feels like a random name".

I suspect this might be the nVidia driver creating a file that can be
mmapped for use in a shared-memory protocol. Open source graphics drivers
(particularly Wayland) use files in XDG_RUNTIME_DIR[1][2][3] for a similar
purpose, but for whatever reason your driver is writing them to disk instead
of putting them in a tmpfs?

If you want more information about what the proprietary nVidia driver
is doing, I'm afraid your only recourse is to talk to nVidia.

[1] https://code.launchpad.net/~intrigeri/apparmor/wayland/+merge/305422
[2] https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1507469
[3] https://codesearch.debian.net/search?q=create_anonymous_file

> So, the question is: what should I do in such situation? Add a new rule to the
> Firefox profile or just use <abstractions/nvidia> file?

If Firefox is legitimately doing 3D graphics, then it would be sensible to
include the abstractions that represent "everything you need to do 3D
graphics", including <abstractions/nvidia>.

    S
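
Added example, not part of the message above and not code from any graphics driver: the create_anonymous_file pattern that the search in [3] refers to, written out in C to show why such files carry random-looking names and how they back a shared-memory mapping. The function bodies, the `shm-demo-` prefix and the /tmp fallback are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Create a randomly named file of `size` bytes, unlink it at once, return its fd (-1 on error). */
int create_anonymous_file(size_t size)
{
    /* XDG_RUNTIME_DIR is normally a per-user tmpfs; /tmp is an assumed fallback for this demo. */
    const char *dirs[] = { getenv("XDG_RUNTIME_DIR"), "/tmp" };
    char path[4096];
    for (size_t i = 0; i < 2; i++) {
        if (dirs[i] == NULL || dirs[i][0] != '/') continue;
        int n = snprintf(path, sizeof path, "%s/shm-demo-XXXXXX", dirs[i]);
        if (n < 0 || (size_t)n >= sizeof path) continue;
        int fd = mkstemp(path);   /* random suffix, mode 0600, O_EXCL */
        if (fd < 0) continue;
        unlink(path);             /* the name goes away, the fd stays valid */
        if (ftruncate(fd, (off_t)size) == 0)
            return fd;
        close(fd);
    }
    return -1;
}

/* Map the file twice, as two processes sharing the fd would, and return 1 if
 * a write through one mapping is visible through the other. */
int shared_roundtrip(const char *msg)
{
    const size_t size = 4096;
    int fd = create_anonymous_file(size);
    if (fd < 0 || strlen(msg) >= size) { if (fd >= 0) close(fd); return 0; }
    /* Read/write mappings only; AppArmor's "m" permission covers PROT_EXEC. */
    char *w = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    char *r = mmap(NULL, size, PROT_READ, MAP_SHARED, fd, 0);
    int ok = 0;
    if (w != MAP_FAILED && r != MAP_FAILED) { strcpy(w, msg); ok = strcmp(r, msg) == 0; }
    if (w != MAP_FAILED) munmap(w, size);
    if (r != MAP_FAILED) munmap(r, size);
    close(fd);
    return ok;
}

int main(void) { puts(shared_roundtrip("hello") ? "shared" : "failed"); return 0; }
```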


