On 2018-01-21 20:33, Rene Engelhard wrote:
Want to do a MR or should I just backport the patch myself?
I would like to try to backport it within upcoming week.
HI,
On Sun, Jan 21, 2018 at 04:28:42PM +0200, Vincas Dargis wrote:
> https://gerrit.libreoffice.org/#/c/48265/
Merged upstream (and submitted it for -6-0, too), and created
https://gitlab.com/apparmor/apparmor/merge_requests/59
Want to do a MR or should I just backport the patch myself?
https://gerrit.libreoffice.org/#/c/48265/
For the record, these */uevent files are accessed by libdrm
Here's breakpoint while opening `/sys/dev/char/226:0/device/ueven` file:
```
Thread 2.1 "soffice.bin" hit Catchpoint 1 (call to syscall openat), 0x7fa253f6961e in __libc_open64
(file=0x7ffe077e8900
Hi,
On Fri, Jan 19, 2018 at 11:24:56PM +0100, Christian Boltz wrote:
> If you want to have a common child profile for gpg and gpgsm, use
>
> /usr/bin/gpg mrCx -> gpg,
> /usr/bin/gpgsmmrCx -> gpg,
>
> profile gpg {
> # whatever is
Hello,
Am Freitag, 19. Januar 2018, 13:16:57 CET schrieb Rene Engelhard:
> On Fri, Jan 19, 2018 at 12:52:32PM +0100, Christian Boltz wrote:
> > I'd recommend to use Cx (child profile) rules for gpg so that only
> > gpg (and not libreoffice) get access to ~/.gnupg/
>
> So you basically say this
On Fri, Jan 19, 2018 at 12:52:32PM +0100, Christian Boltz wrote:
> just a quick note:
>
> > + /usr/bin/gpg rmix,
> > + /usr/bin/gpgsmrmix,
>
> and in a later comment
>
> > Thinking about it, we probably also would need owner
> >
Hello,
just a quick note:
> + /usr/bin/gpg rmix,
> + /usr/bin/gpgsmrmix,
and in a later comment
> Thinking about it, we probably also would need owner
> "@{HOME}/.gnupg/* rwk," then for gpg. This gets interesting...
I'd recommend to use Cx
On Thu, Jan 18, 2018 at 11:29:19AM +0100, Félix Sipma wrote:
> Jan 18 11:09:25 laptop audit[21088]: AVC apparmor="ALLOWED"
> operation="open" profile="libreoffice-oopslash"
> name="/sys/devices/virtual/block/dm-0/queue/rotational" pid=21088
> comm="oosplash" requested_mask="r"
Hi again,
On Thu, Jan 18, 2018 at 02:05:02PM +0100, Rene Engelhard wrote:
> X stuff
diff --git a/sysui/desktop/apparmor/program.oosplash
b/sysui/desktop/apparmor/program.oosplash
index fef54b7ee384..d68fa776de8f 100644
--- a/sysui/desktop/apparmor/program.oosplash
+++
Processing commands for cont...@bugs.debian.org:
> severity 887593 minor
Bug #887593 [libreoffice-common] libreoffice-common: apparmor profiles triggers
lot of ALLOWED entries
Severity set to 'minor' from 'normal'
> block 886548 by 887953
Bug #886548 [libreoffice-common] libreoffice-common: Try
severity 887593 minor
block 886548 by 887953
thanks
On Thu, Jan 18, 2018 at 11:29:19AM +0100, Félix Sipma wrote:
> I get a lot of warnings in my logs concerning libreoffice and apparmor. They
> appear as ALLOWED, but that would mean they would be DENIED if apparmor was
> enabled.
Which is the
Package: libreoffice-common
Version: 1:5.4.4-1
Severity: normal
I get a lot of warnings in my logs concerning libreoffice and apparmor. They
appear as ALLOWED, but that would mean they would be DENIED if apparmor was
enabled.
I'm reporting to libreoffice-common, because that's the package
13 matches
Mail list logo
