Hello,

On Saturday, 9 September 2023, 13:25:30 CEST, intrigeri wrote:
> dp217 (2023-09-08):
> > When trying to start the Evolution mail app, AppArmor does not allow
> > it to start and displays a message: apparmor="DENIED"
> > operation="mount" info="failed mntpnt match" error=-13
> > profile="/usr/bin/evolution" name="/" pid=1923 comm="bwrap"
> > flags="rw, silent, rslave"
> As far as I know we don't confine Evolution with AppArmor in Debian,
> so I suppose you've installed or enabled a profile yourself, and then
> I would encourage you to report this problem to the authors of
> said profile.
> 
> If my assumptions are incorrect, please help me understand :)

comm="bwrap" looks like a hint towards bubblewrap, therefore my guess 
is that we are looking at a flatpak-packaged evolution here. But that's 
just a guess, so I'll wait for the feedback from the reporter.


That said:
The profile will need a mount rule added, probably
    mount options=(rw, silent, rslave) -> /,
(I know allowing evolution or bwrap to mount / looks strange, even if 
it's inside a sandbox. But I'm afraid that's what the sandbox needs.)

For the record: aa-logprof doesn't support mount rules yet (besides 
keeping/not breaking existing rules) which is why it doesn't ask 
anything for the DENIED event quoted above.


Regards,

Christian Boltz
-- 
[Difference between "real" MB (1024 kB) and "marketing MB" (1000 kB)]
I'm surprised Media Markt hasn't yet spotted this as a gap in the market
:-)  537 MB memory modules as a replacement for conventional 512 MB
modules, for even more performance - guaranteed to run everywhere the
normal 512 MB modules run *vbeg*   [Adalbert Michelic in suse-linux-faq]
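
Added example (not part of the original message, and not AppArmor's own tooling): since aa-logprof does not propose mount rules, this Python script turns a DENIED mount event like the one quoted above into a candidate rule for manual review before it goes into the profile. The function names are hypothetical, and the handling of fstype= and srcname= fields, which the quoted event does not contain, is an assumption.

```python
import re

# Constructed sample: the DENIED event quoted in the message, joined onto one line.
SAMPLE = ('apparmor="DENIED" operation="mount" info="failed mntpnt match" '
          'error=-13 profile="/usr/bin/evolution" name="/" pid=1923 '
          'comm="bwrap" flags="rw, silent, rslave"')

# key="quoted value" or key=bare; quoted values may contain spaces and commas.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_event(line):
    """Return the key/value fields of one AppArmor audit message."""
    return {k: q if b == "" else b for k, q, b in FIELD.findall(line)}


def suggest_mount_rule(line):
    """Return (profile, rule) for a denied mount event, else None."""
    ev = parse_event(line)
    if ev.get("apparmor") != "DENIED" or ev.get("operation") != "mount":
        return None
    if "name" not in ev or "profile" not in ev:
        return None
    parts = ["mount"]
    # Assumption: fstype= and srcname= are not in the quoted event; they are
    # handled here for mount denials that do carry them.
    if ev.get("fstype"):
        parts.append("fstype=" + ev["fstype"])
    flags = [f.strip() for f in ev.get("flags", "").split(",") if f.strip()]
    if flags:
        parts.append("options=(" + ", ".join(flags) + ")")
    if ev.get("srcname"):
        parts.append(ev["srcname"])
    parts += ["->", ev["name"]]
    return ev["profile"], " ".join(parts) + ","


if __name__ == "__main__":
    profile, rule = suggest_mount_rule(SAMPLE)
    print(f"profile {profile}: candidate rule for review:\n    {rule}")
```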
