[apparmor] [profile] Firefox: "org.freedesktop.UPower", "org.gtk.vfs.MountTracker", "lsb_release" child profile and other DENIED entries.
daniel curtis
sidetripping at gmail.com
Sat May 6 17:54:07 UTC 2017
Hello Seth,
Thank You very much for an answers and explanations. I really appreciate
it; your help and so on :- ) I will try to take your suggestions and to do
something with these entries etc.
However, there is one more DENIED entry - I saw this one today, after first
Firefox start. It looks this way:
May 6 19:15:47 t1 dbus[1546]: apparmor="DENIED"
operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMountableInfo" mask="send" name=":1.9" pid=5882
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1654
peer_label="unconfined"
As we can see, this DENIED entry appeared once again. You wrote, that; "the
'name' in your proposed policy snippet probably wouldn't work though, it
probably needs to be 'interface' (...)." So, could this rule looks this
way?
dbus (send)
bus=session
interface=org.gtk.vfs.mounttracker
member={ListMountableInfo}
Is it OK or bad rule, to use? Thank You once again.
Best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170506/3d573ce3/attachment.html>
More information about the AppArmor
mailing list