Re: [SOGo] Behaviour of sogo-tool and sogo-alarms-notify in version 3 on Debian Stretch
On 2019-03-18 20:58, André Rodier wrote: On Sat, 2019-03-16 at 06:34 +, André Rodier wrote: Hello, good morning. I am using SOGo on Debian Stretch. I am globally very happy. Calendars and contacts are perfectly synchronised with my phone, the web interface is slick and simple, etc... I am also using AppArmor, and I am puzzled by a behaviour of some SOGo binaries on my system. Basically, these two tools are opening the root folder ("/") thousand times a day, just for reading and getting the attributes: > operation="getattr" profile="/usr/sbin/sogo-ealarms-notify" name="/" > comm="sogo-ealarms-no" requested_mask="r" fsuid=126 ouid=0 > operation="getattr" profile="/usr/sbin/sogo-tool" name="/" > comm="sogo-tool" requested_mask="r" fsuid=126 ouid=0 > operation="open" profile="/usr/sbin/sogo-tool" name="/" > comm="sogo-tool" requested_mask="r" fsuid=126 ouid=0 To avoid any errors and to count them, I allowed but audited the requests. I literally have thousand queries per day, just this morning: > root@portal ~# > journalctl | grep AUDIT | grep sogo| grep 'Mar 16' | wc -l > 4393 I really wonder why those binaries are opening the root ("/") folder, even for reading and getting the attributes. - What is the point of doing this? - Is this a bug? - Is this fixed in the version 4? Thanks a lot for your support. Your work is very valuable and will make people life easier. Hello again, I don't mind looking for the origin of the bug myself, but can you point me in the direction, please? Where can I see the source code of the tools sogo-ealarms-notify and sogo-tool on github? Thanks, André I have added a new bug on the tracking system (#4704). https://sogo.nu/bugs/view.php?id=4704 I am happy to help, but I really would like someone pointing me in the direction. Kind regards, André -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Behaviour of sogo-tool and sogo-alarms-notify in version 3 on Debian Stretch
Hello again, I don't mind looking for the origin of the bug myself, but can you point me in the direction, please? Where can I see the source code of the tools sogo-ealarms-notify and sogo-tool on github? Thanks, André On Sat, 2019-03-16 at 06:34 +, André Rodier wrote: > Hello, good morning. > > I am using SOGo on Debian Stretch. I am globally very happy. Calendars > and contacts are perfectly synchronised with my phone, the web interface > is slick and simple, etc... > > I am also using AppArmor, and I am puzzled by a behaviour of some SOGo > binaries on my system. Basically, these two tools are opening the root > folder ("/") thousand times a day, just for reading and getting the > attributes: > > > operation="getattr" profile="/usr/sbin/sogo-ealarms-notify" name="/" > > comm="sogo-ealarms-no" requested_mask="r" fsuid=126 ouid=0 > > operation="getattr" profile="/usr/sbin/sogo-tool" name="/" > > comm="sogo-tool" requested_mask="r" fsuid=126 ouid=0 > > operation="open" profile="/usr/sbin/sogo-tool" name="/" > > comm="sogo-tool" requested_mask="r" fsuid=126 ouid=0 > > To avoid any errors and to count them, I allowed but audited the > requests. > > I literally have thousand queries per day, just this morning: > > > root@portal ~# > > journalctl | grep AUDIT | grep sogo| grep 'Mar 16' | wc -l > > 4393 > > I really wonder why those binaries are opening the root ("/") folder, > even for reading and getting the attributes. > > - What is the point of doing this? > - Is this a bug? > - Is this fixed in the version 4? > > Thanks a lot for your support. Your work is very valuable and will make > people life easier. > > Kind regards, > André -- André Rodier HomeBox: https://github.com/progmaticltd/homebox -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Behaviour of sogo-tool and sogo-alarms-notify in version 3 on Debian Stretch
Hello, good morning. I am using SOGo on Debian Stretch. I am globally very happy. Calendars and contacts are perfectly synchronised with my phone, the web interface is slick and simple, etc... I am also using AppArmor, and I am puzzled by a behaviour of some SOGo binaries on my system. Basically, these two tools are opening the root folder ("/") thousand times a day, just for reading and getting the attributes: operation="getattr" profile="/usr/sbin/sogo-ealarms-notify" name="/" comm="sogo-ealarms-no" requested_mask="r" fsuid=126 ouid=0 operation="getattr" profile="/usr/sbin/sogo-tool" name="/" comm="sogo-tool" requested_mask="r" fsuid=126 ouid=0 operation="open" profile="/usr/sbin/sogo-tool" name="/" comm="sogo-tool" requested_mask="r" fsuid=126 ouid=0 To avoid any errors and to count them, I allowed but audited the requests. I literally have thousand queries per day, just this morning: root@portal ~# journalctl | grep AUDIT | grep sogo| grep 'Mar 16' | wc -l 4393 I really wonder why those binaries are opening the root ("/") folder, even for reading and getting the attributes. - What is the point of doing this? - Is this a bug? - Is this fixed in the version 4? Thanks a lot for your support. Your work is very valuable and will make people life easier. Kind regards, André -- https://github.com/progmaticltd/homebox -- users@sogo.nu https://inverse.ca/sogo/lists