AppArmor

abstractions/gnome should allow ~/.cache/thumbnails/fail/gnome-thumbnail-factory/*.png

Bug #1701921 reported by Vincas Dargis on 2017-07-02

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	AppArmor	New	Undecided	Unassigned

Bug Description

On Ubuntu 17.10 (currently alpha) Gnome file dialog produces this audit entry:

type=AVC msg=audit(1499000321.848:8248): apparmor="DENIED" operation="open" profile="skypeforlinux" name="/home/vincas/.cache/thumbnails/fail/gnome-thumbnail-factory/39e2023d634480a9852aca5e4d7bb600.png" pid=15763 comm="pool" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
type=SYSCALL msg=audit(1499000321.848:8248): arch=c000003e syscall=2 per=400000 success=no exit=-13 a0=5c01cf00f00 a1=0 a2=0 a3=1 items=0 ppid=1 pid=15763 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=4294967295 comm="pool" exe="/usr/share/skypeforlinux/skypeforlinux" key=(null)
type=PROCTITLE msg=audit(1499000321.848:8248): proctitle=2F7573722F73686172652F736B797065666F726C696E75782F736B797065666F726C696E7578202D2D65786563757465642D66726F6D3D2F686F6D652F76696E636173202D2D7069643D3135373536

(later it asks for 'm' and 'w' also).

Adding:

owner @{HOME}/.cache/thumbnails/fail/gnome-thumbnail-factory/*.png mrw,

into "abstractions/gnome" fixes this problem.

I can provide merge request if this seems reasonable for "abstractions/gnome".

See original description

Vincas Dargis (talkless) on 2017-07-02

description:	updated
description:	updated
description:	updated

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.