I have this rule in my profile:
# We want to explicitly deny access to NetworkManager
deny dbus (send)
bus=system path=/org/freedesktop/NetworkManager,
but with this rule, I still see these denials:
Sep 17 01:03:02 ubuntu-phablet dbus[622]: apparmor="DENIED" operation="dbus_method_call" bus="system" name="org.freedesktop.NetworkManager" path="/org/freedesktop/NetworkManager" interface="org.freedesktop.DBus.Introspectable" member="Introspect" mask="send" pid=3201 profile="net.launchpad.ubuntu-security.ubuntu-sdk-1310-api-demos_ubuntu-sdk-1310-api-demos_0.1" peer_pid=1154 peer_profile="unconfined"
Sep 17 01:03:02 ubuntu-phablet dbus[622]: apparmor="DENIED" operation="dbus_method_call" bus="system" name="org.freedesktop.NetworkManager" path="/org/freedesktop/NetworkManager" interface="org.freedesktop.NetworkManager" member="GetDevices" mask="send" pid=3201 profile="net.launchpad.ubuntu-security.ubuntu-sdk-1310-api-demos_ubuntu-sdk-1310-api-demos_0.1" peer_pid=1154 peer_profile="unconfined"
I have this rule in my profile:
path=/org/ freedesktop/ NetworkManager,
# We want to explicitly deny access to NetworkManager
deny dbus (send)
bus=system
but with this rule, I still see these denials: "dbus_method_ call" bus="system" name="org. freedesktop. NetworkManager" path="/ org/freedesktop /NetworkManager " interface= "org.freedeskto p.DBus. Introspectable" member="Introspect" mask="send" pid=3201 profile= "net.launchpad. ubuntu- security. ubuntu- sdk-1310- api-demos_ ubuntu- sdk-1310- api-demos_ 0.1" peer_pid=1154 peer_profile= "unconfined" "dbus_method_ call" bus="system" name="org. freedesktop. NetworkManager" path="/ org/freedesktop /NetworkManager " interface= "org.freedeskto p.NetworkManage r" member="GetDevices" mask="send" pid=3201 profile= "net.launchpad. ubuntu- security. ubuntu- sdk-1310- api-demos_ ubuntu- sdk-1310- api-demos_ 0.1" peer_pid=1154 peer_profile= "unconfined"
Sep 17 01:03:02 ubuntu-phablet dbus[622]: apparmor="DENIED" operation=
Sep 17 01:03:02 ubuntu-phablet dbus[622]: apparmor="DENIED" operation=