> name="/etc/compizconfig/upgrades/com.canonical.unity.unity.01.upgrade" pid=31248 comm="compiz" requested_mask="c"

Will explicitly deny, guest should have no business writing to /etc/.

> operation="mknod" parent=31640 profile="/usr/lib/lightdm/lightdm-guest-session-wrapper" name="/usr/share/gwibber/plugins/twitter/__init__.pyc"

Fixed locally, too. I generally disallow writing to /usr/** now (Python
tries to create .pyc files, the "mknod" is wrong and misleading there).
This is also the cause for the system-config-printer debug.pyc message.

> name="/run/shm/sem.mp31641-0" pid=31641 comm="gwibber-service" requested_mask="l"

Fixed locally, allowing this. Unbreaks gwibber.

I also locally fixed the gnome-keyring failure.

The only thing which I can't fix are these annoying errors about /proc/.
With current AppArmor there is no way to explicitly deny /proc/ access
except for the explicitly granted permissions. I.e. this doesn't work:

   owner @{PROC}/** rm,
   deny @{PROC}/** r,

as deny always wins over the "allow" rules. So we need to live with
them, but they are harmless.


** Also affects: lightdm
   Importance: Undecided
       Status: New

-- 
https://bugs.launchpad.net/bugs/877736

Title:
  the guest account apparmor profile blocks things that seem useful
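
The precedence described in the message ("deny always wins over the allow rules"), as a small model added here; it is not AppArmor's own matcher and not code from the bug report. It handles only `*`, `**`, `owner` and `deny`, assumes `@{PROC}` is `/proc`, and the sample paths are constructed.

```python
import re

PROC = "/proc"  # assumed value of the @{PROC} profile variable

def glob_to_regex(pattern):
    """Subset of AppArmor globbing: '**' crosses '/', '*' does not."""
    pattern = pattern.replace("@{PROC}", PROC)
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out.append(".*")
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(out) + r"\Z")

def parse_rule(line):
    """Parse '[owner|deny] <path glob> <perms>,' into a dict."""
    words = line.strip().rstrip(",").split()
    qualifiers, path, perms = words[:-2], words[-2], words[-1]
    return {"deny": "deny" in qualifiers, "owner": "owner" in qualifiers,
            "regex": glob_to_regex(path), "perms": set(perms)}

def check(rules, path, perm, is_owner):
    """Return 'allowed', 'denied-quiet' (explicit deny) or 'denied-logged'."""
    allowed, denied = set(), set()
    for rule in map(parse_rule, rules):
        if not rule["regex"].match(path):
            continue
        if rule["owner"] and not is_owner:
            continue
        (denied if rule["deny"] else allowed).update(rule["perms"])
    if perm in denied:       # deny is subtracted last, so it always wins
        return "denied-quiet"  # explicit deny rules are not audited by default
    return "allowed" if perm in allowed else "denied-logged"

RULES_FROM_MAIL = ["owner @{PROC}/** rm,", "deny @{PROC}/** r,"]
ALLOW_ONLY = RULES_FROM_MAIL[:1]
OWN, OTHER = "/proc/1234/maps", "/proc/1/maps"  # constructed sample paths

if __name__ == "__main__":
    for rules in (RULES_FROM_MAIL, ALLOW_ONLY):
        for path, owner in ((OWN, True), (OTHER, False)):
            print(rules, path, check(rules, path, "r", owner))
```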
