Your message dated Thu, 07 Dec 2017 17:52:37 +0100 with message-id <[email protected]> and subject line Re: Bug#883256: apparmor-profiles-extra: Totem can't access files outside $HOME has caused the Debian Bug report #883256, regarding apparmor-profiles-extra: Totem can't access files outside $HOME to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 883256: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883256 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: apparmor-profiles-extra Version: 1.16 Severity: important User: [email protected] Usertags: buggy-profile Hi, with the AppArmor profile enabled, I can't access any file outside my $HOME directory. While I understand the idea behind it, it's rather annoying with my setup (which is not too uncommon I think). I have a HDD for my media files while everything else is on a SSD thus my media files live outside my $HOME directory. I know how to fix the problem for myself but I think the profile is too strict here. Best, Philip -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (600, 'testing'), (550, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apparmor-profiles-extra depends on: ii apparmor 2.11.1-3 apparmor-profiles-extra recommends no packages. apparmor-profiles-extra suggests no packages. -- no debconf information
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---Hi Philipp, Philip Rinn: > sorry for replying so late. Take it easy, 6 days to reply is rather fast :) > On 07.12.2017 at 08:51, intrigeri wrote: >> The Totem profile allows common locations for media files outside of $HOME, >> such as /{media,mnt,opt,srv}/**. Where are the files you're trying to play >> located? If they are in one of the supposedly allowed directories, please >> provide the AppArmor denial logs. > The files I tried to access are in /bigdata/Filme/**. I added this line in > /etc/apparmor.d/local/usr.bin.totem > owner /bigdata/Filme/** rw, > and everything works. > I didn't look into <abstractions/totem> before filing the bug (due to not > being > familiar with how apparmor profiles work). If I had, I wouldn't have filed the > bug. I think the behavior of the profile is totally fine, feel free to close > the > bug. Thanks for confirming! OK, closing then. Cheers, -- intrigeri
--- End Message ---
