[apparmor] [profile] Audacious: abstractions/ubuntu-media-players and /var/log/syslog file issues.
daniel curtis
sidetripping at gmail.com
Thu Jul 20 10:31:25 UTC 2017
Hello
Yesterday, I've created a profile for Audacious v3.6.2-2. Everything is
working as expected. However, there are two issues, which wonders me. This
profile was created with a very helpful profile generation utility for
AppArmor; aa-genprof(8). After answering some questions about profile, I
corrected some rules and Audacious is working OK.
Now I want to ask about these issues; log files contains a few "DENIED"
entries about '/var/log/syslog' file:
✗ apparmor="DENIED" operation="open" profile="/usr/bin/audacious"
name="/var/log/syslog" comm="pool" requested_mask="r" denied_mask="r"
fsuid=1000 ouid=104
Does audacious really need an access to this file? Or it's just "noise" and
I can use this command to stop this?
✓ deny /var/log/syslog r,
What do you think about this? For now, I'd removed this rule and Audacious
works normally. Just these log entries...
Next thing; 'abstractions/ubuntu-media-players' file contain rule related
to Audacious and it looks this way:
✓ /usr/bin/audacious2 Cxr -> sanitized_helper,
As we can see, there is 'audacious2', right? But I don't have such file on
16.04 LTS. There is 'audacious' - without '2', instead. During creating a
profile for Parole, I've asked why it is not included in
'abstraction/ubuntu-media-players' file. If I remember correctly, Mr Seth
Arnold answered; because Parole have no profile. (Precisely: "Because you
haven't submitted the profile yet.") OK, but I can not find Audacious
profile either! ;- )
Anyway, I want to ask, if I can change above rule by removing '2'? I think,
that this change is needed, because '/usr/bin/audacious' exists in 16.04
LTS Release etc. (While '/usr/bin/audacious2' is not.) Here is a "new"
rule:
✓ /usr/bin/audacious Cxr -> sanitized_helper,
What is your opinions? What do you think about this? Can I make such
change? By the way: Audacious version available in 16.04 LTS is 3.6.2-2. On
the official website, a newer version is 3.8.2 (there is also 3.9-beta1.)
Is there any plan to do an update etc.? Just asking... ;- )
I think, that's all for now. Thanks, best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170720/7b6a662a/attachment.html>
More information about the AppArmor
mailing list