Also, if I allow this access in the profile, then the next denial is:
Jun 24 17:12:00 ubuntu-phablet kernel: [44546.645041] type=1400
audit(1435183920.324:495): apparmor="DENIED" operation="mknod"
profile="com.ubuntu.developer.rmescandon.asana_account-plugin_1.0.0"
name="/home/phablet/.cache/QML/Apps/online-accounts-ui/ea1df0af2467507eb3888f68100da073"
pid=17998 comm="QQmlThread" requested_mask="c" denied_mask="c" fsuid=32011
ouid=32011
The rules we agreed we would allow for this is:
owner
/{,var/}run/user/*/online-accounts-ui/ui-*-@{APP_PKGNAME}_@{APP_APPNAME} rw,
owner @{HOME}/.cache/online-accounts-ui/id-*-@{APP_PKGNAME}_@{APP_APPNAME}/
rw,
owner @{HOME}/.cache/online-accounts-ui/id-*-@{APP_PKGNAME}_@{APP_APPNAME}/**
mrwkl,
This is on:
$ system-image-cli -i
current build number: 169
device name: mako
channel: ubuntu-touch/rc-proposed/ubuntu
last update: 2015-06-21 17:39:00
version version: 169
version ubuntu: 20150621
version device: 20150210
version custom: 20150621
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1219644
Title:
Account plugins should be made confinable by apparmor
To manage notifications about this bug go to:
https://bugs.launchpad.net/click-reviewers-tools/+bug/1219644/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
