Ah! The rule
```
audit dbus bus=system,
```
is the problem. It is tagging every dbus match to be audited. You can
drop that rule entirely, and just add dbus allow rules as needed, like
the first 3 rules. Or you could allow all dbus system bus accesses by
dropping the ```audit``` keyword, in
Unfortunately that didn't made any change. My
/etc/apparmor.d/usr.bin.redshift now looks like follows.
/usr/bin/redshift {
dbus send bus="system"
path="/org/freedesktop/DBus"
interface="org.freedesktop.DBus"
member="{GetNameOwner,StartServiceByName,AddMatch}",
dbus
with in the profile block, eg.
profile redshift {
or something similar, add the following rules
dbus send bus="system" path="/org/freedesktop/DBus"
interface="org.freedesktop.DBus"
member="{GetNameOwner,StartServiceByName,AddMatch}",
dbus send bus="system"
Which would be?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1948752
Title:
apparmor is logging too many messages
Status in Redshift:
New
Status in apparmor package
The /usr/bin/redshift profile needs some additional dbus rules.
** Also affects: redshift
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
5 matches
Mail list logo