Hi, On Thu, Oct 25, 2018 at 05:49:27PM -0400, Anthony DeRobertis wrote: > I understand the goal is to get AppArmor back in to enforcing mode > someday, so presumably these complain-mode allow messages are of use. > Presumably the xauth one will effect a lot of people (as that's the > value of $XAUTHORITY here, set by KDE/sddm).
Maybe. > Then there is a lot of nVidia stuff, probably from this machine using the > nVidia proprietary > driver. Then the nvidia drivers (which I do not care about at all, to be honest) or libdrm or whatever should ship needed stuff. I mean, it's not LO using the stuff directly, it's those. It would imho be completely nonsense to make LO honour driver-specific things for every possible driver. I think I saw these once in an other report where I reassigned that one or a clone to either of those, need to search for it... > (Side note, I understand sandboxing web browsers and the like with > AppArmor. Firefox shouldn't have random access to $HOME. But I wonder if > its really worth it for LibreOffice; by its nature it must have access > to my important documents. But that's a discussion for elsewhere, I'm > sure.) Yes, and there's the "get xyz from the filesystem" or "do not run xyz after a security bug was used" scenario. I wouldn't have written a profile if one (incomplete and ooold, as noticed.) wasn't already there and ready to be installed. > Installed VCLplugs: > Desired=Unknown/Install/Remove/Purge/Hold > | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend > |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) > ||/ Name Version Architecture Description > +++-================-============-============-================================= > un libreoffice-gtk2 <none> <none> (no description available) > un libreoffice-gtk3 <none> <none> (no description available) > un libreoffice-kde <none> <none> (no description available) Not that it matters here, but no -kde(5) even when you're using KDE? Regards, Rene