Control: tag -1 + upstream Control: forwarded -1 https://gitlab.com/apparmor/apparmor-profiles/merge_requests/1
Hi, Philipp Kern: > When trying to import a GPG key from the Enigmail per-message "Import > Key" button I get AppArmor denials and the operation just hangs (with a > pulsing progress bar - because it waits for the lock): > [172877.352188] audit: type=1400 audit(1509791941.615:303384): > apparmor="DENIED" operation="link" profile="thunderbird//gpg" > name="/home/pkern/.gnupg/pubring.kbx.lock" pid=14200 comm="gpg2" > requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 > target="/home/pkern/.gnupg/.#lk0x0000559de00c2e10.desktop.kern.pm.14200" > Even after canceling the operation the denials continue until I kill the > gpg2 process in the background. Thanks! Reproduced, modulo I had to add a bunch of rules to the gpg child profile before I even got to this point. Submitted a MR upstream. Simon, could you please review it? (And while you're at it, you might want to test other kinds of key imports, e.g private keys.) Cheers, -- intrigeri
