<div dir="ltr"><div><div><div><div><div><div><br></div>After profiling pidgin with aa-genprof it wont start up.<br><br></div>So I did aa-compain on pidgin, started pidgin and then ran aa-logprof.<br><br></div>aa-logprof didnt find anything new.<br><br></div>Inspecting the kern.log myself while starting pidgin in complain mode I only find two DENIEDs:<br><br>Apr 27 14:39:41 boat kernel: [90301.537887] audit: type=1400 audit(1461760781.869:1955): apparmor="DENIED" operation="connect" profile="/usr/bin/pidgin" pid=24003 comm="pidgin" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr="@/tmp/.X11-unix/X0" peer="unconfined"<br><br>Apr 27 14:40:22 boat kernel: [90342.547209] audit: type=1400 audit(1461760822.878:1956): apparmor="DENIED" operation="connect" profile="/usr/bin/pidgin" pid=24013 comm="pidgin" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr="@/tmp/.X11-unix/X0" peer="unconfined"<br><br></div>Could these be blocking the app in enforce mode? and why isnt aa-logprof picking it up?<br><br></div>The profile looks like this:<br><br># Last Modified: Wed Apr 27 14:38:00 2016<br>#include <tunables/global><br><br>/usr/bin/pidgin flags=(complain) {<br>  #include <abstractions/base><br><br>  network inet dgram,<br>  network inet stream,<br>  network inet6 dgram,<br>  network netlink raw,<br><br>  ptrace trace peer=unconfined,<br><br>  /dev/ r,<br>  /dev/shm/ r,<br>  /dev/shm/* rw,<br>  /etc/fonts/** r,<br>  /etc/gai.conf r,<br>  /etc/gnome/defaults.list r,<br>  /etc/host.conf r,<br>  /etc/hosts r,<br>  /etc/machine-id r,<br>  /etc/nsswitch.conf r,<br>  /etc/passwd r,<br>  /etc/pulse/client.conf r,<br>  /home/*/.Xauthority r,<br>  /home/*/.cache/gstreamer-1.0/registry.x86_64.bin r,<br>  /home/*/.config/dconf/user r,<br>  /home/*/.config/enchant/ r,<br>  /home/*/.config/enchant/* rw,<br>  /home/*/.config/ibus/** r,<br>  /home/*/.config/ibus/bus/ w,<br>  /home/*/.local/share/applications/ r,<br>  /home/*/.local/share/icons/ r,<br>  /home/*/.purple/* rw,<br>  /home/*/.purple/certificates/x509/** rw,<br>  /home/*/.purple/logs/irc/** w,<br>  /home/*/.purple/plugins/ r,<br>  /home/*/.purple/smileys/ r,<br>  /proc/*/status r,<br>  /run/dbus/system_bus_socket r,<br>  /run/resolvconf/resolv.conf r,<br>  /run/user/1000/* rw,<br>  /run/user/1000/dconf/user rw,<br>  /sys/devices/system/cpu/ r,<br>  /sys/devices/system/node/ r,<br>  /sys/devices/system/node/node0/meminfo r,<br>  /tmp/ r,<br>  /usr/bin/pidgin mr,<br>  /usr/local/share/fonts/ r,<br>  /usr/share/applications/ r,<br>  /usr/share/applications/mimeinfo.cache r,<br>  /usr/share/applications/pidgin.desktop r,<br>  /usr/share/enchant/enchant.ordering r,<br>  /usr/share/fontconfig/** r,<br>  /usr/share/fonts/ r,<br>  /usr/share/fonts/** r,<br>  /usr/share/glib-2.0/schemas/gschemas.compiled r,<br>  /usr/share/gnome/applications/ r,<br>  /usr/share/hunspell/* r,<br>  /usr/share/icons/ r,<br>  /usr/share/icons/** r,<br>  /usr/share/mime/mime.cache r,<br>  /usr/share/pixmaps/ r,<br>  /usr/share/pixmaps/pidgin/** r,<br>  /usr/share/poppler/**/ r,<br>  /usr/share/sounds/purple/* r,<br>  /usr/share/themes/ r,<br>  /usr/share/themes/** r,<br>  /usr/share/ubuntu/applications/ r,<br>  /var/cache/fontconfig/* r,<br>  /var/tmp/ r,<br><br>}<br><div><div><br><div><div><div><div><br></div></div></div></div></div></div></div>