Re: [DNG] AppArmor and TorBrowser

2021-01-25 Thread Dimitris via Dng

Στις 22/1/21 4:46 μ.μ., ο/η Haines Brown έγραψε:


My messages log tells me that AppArmor status for torBrowser is
apparmor="DENIED". "denied_mask="r""



looks like https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976461

so, this is a problem for torbrowser-launcher really, which contains 
these 2 apparmor profiles.


2c,
d.

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


Re: [DNG] AppArmor and TorBrowser

2021-01-24 Thread Gabe Stanton via Dng
On Fri, 2021-01-22 at 09:46 -0500, Haines Brown wrote:
> AppArmor...

Ascii didn't have AppArmor, and after upgrading to Beowulf I started
getting some errors as well. A little searching told me that AppArmor
errors are common and I ended up just purging AppArmor altogether. I
haven't had any problems from it and it's been a while now, around 6
months IIRC.

I emailed the list about it at the time (not sure if I was responding
to someone else or just reporting my findings).

Gabe
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


[DNG] AppArmor and TorBrowser

2021-01-22 Thread Haines Brown
At some point my TorBrowser wouldn't start. When I try it 
displays error windows: 

  Tor unexpectedly exited. This might be due to a bug in Tor itself, 
  another program in your system, or faulty hardware. ...

  Tor exited during startup. This might be due to a bug in your torrc
  file or another program on your system, for faulty hardware. ...

I look at the torrc file and it looks like nothing but a set of 
harmless links.

My messages log tells me that AppArmor status for torBrowser is 
apparmor="DENIED". "denied_mask="r""

So I do  # apparmor-status and find six processes are in enforce mode, 
including:

  /home/haines/.local/share/torbrowser/tbb/x86_64/ \
  tor-browser_en-US/Browser/firefox.real
  (8708) torbrowser_firefox

I do 

  $ ps aux | grep  8708
  haines8708  0.1  0.9 2517308 156740 pts/11 Sl   07:53   0:03
  ./firefox.real --class Tor Browser -profile
  TorBrowser/Data/Browser/profile.default 

Killing process does not get me torBrowser back.

I gather I could edit the profile in /etc/apparmor.d  directly. There 
are two profiles there  torbrowser.Tor.tor and 
torbrowser.Browser.firefox. I didn't know which to edit, and there was 
nothing obvious I should do to edit in them.

Instead I simply removed and reinstalled the two profiles with:
 
  # apparmor_parser -R /etc/apparmor.d/ 
  # apparmor_parser -a /etc/apparmor.d/ 

That did not help, so I simply removed them. Then I'm supposed to 
inform the kern of this with:

  # echo -n “torbrowser.Browser.firefox” > 
  /sys/kernel/security/apparmor/.remove

Byt get: 

   -bash: echo: write error: No such file or directory

This is becasue my /sys/kernel/security/apparmor/ directory holds no 
.remove file.

I still can't start torbrowser.

I don't want to breask things by going any further such as creating a 
.remove file and adding  the two lines to it:  

  torbrowser.Browser.firefox
  torBrowser.Tor.tor

-- 
Haines Brown  
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng