Hello Vincas, hello Simon, could you please have a look at this? I can't overview any side effects if the suggested change would be applied. Thanks!
Regards Carsten On Thu, Apr 05, 2018 at 10:39:13AM -0300, Agustin Henze wrote: > On Thu, 5 Apr 2018 09:47:52 -0300 Agustin Henze <[email protected]> wrote: > > Package: thunderbird > > Version: 1:52.7.0-1 > > Severity: normal > > > > Dear maintainer, from time to time I was finding a gpg process consuming the > > 100% of one cpu. A Debian fellow mentioned me that maybe AppArmor could be > > the > > cause, so I dug into it a little bit and found that AppArmor is denying the > > access to gpg to the file ~/.gnupg/tofu.db. > > > > apparmor="DENIED" operation="file_lock" profile="thunderbird//gpg" > > name="/home/tin/.gnupg/tofu.db" pid=4245 comm="gpg" requested_mask="k" > > denied_mask="k" fsuid=1000 ouid=1000 > > > > I have added the following line into /etc/apparmor.d/usr.bin.thunderbird > > and it > > worked ok: > > @@ -248,6 +248,7 @@ > owner @{HOME}/.gnupg/trustdb.gpg rw, > owner @{HOME}/.gnupg/S.gpg-agent rw, > owner @{HOME}/.gnupg/S.dirmngr rw, > + owner @{HOME}/.gnupg/tofu.db rwl, > owner @{HOME}/.gnupg/*.{gpg,kbx}.{lock,tmp} rwl, > owner @{HOME}/.gnupg/.gpg-*.lock rwl, > owner @{HOME}/.gnupg/gnupg_spawn_*.lock rwl, > > Update "the patch", allow file locking is mandatory > > Cheers, > > -- > TiN >
