Hi,
just put this in /etc/apparmor.d/local/usr.bin.thunderbird :
owner @{HOME}/.signature.d/** r,
azur
Citát Sylvain Leroux <[email protected]>:
Hi everyone,
I'm a seasoned Linux administrator but I have little prior experience
with AppArmor. FWIW, I already have asked this question on the
SuperUser StackExchange web site this afternoon [1], but it received
little interest, and I now have little hopes to have an answer there.
Our Linux Debian boxes have a standard policy for the Thunderbird
email client in `/etc/apparmor.d/usr.bin.thunderbird`
One user needs Thunderbird to have read access to the files stored in
his `${HOME}/signature.d/` folder. Is there a way to create a
user-specific profile that _includes_ the default profile settings,
but granting extra access the the needed files? I didn't find any
reference about that particular use case, and my first attempts were
unsuccessful. But I can't say if my syntax was wrong, of if this
wasn't possible at all. Here what I tried:
```
$ cat "${HOME}/.apparmor.d/usr.bin.thunderbird"
#include </etc/apparmor.d/usr.bin.thunderbird>
profile thunderbird @{thunderbird_executable} {
owner @{HOME}/.signature.d/** r,
}
$ sudo systemctl restart apparmor
```
This doesn't seem to change anything. At such point I don't think the
user-specific profile is read at all. Could you help me fixing that?
Thanks a lot,
- - Sylvain Leroux
[1]
https://superuser.com/questions/1516181/configure-apparmor-to-allow-file-access-on-a-per-user-basis
- --
- -- Sylvain Leroux
- -- [email protected]
- -- http://www.chicoree.fr
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
