Public bug reported: Hello
When we are using removable smartcard to authenticate, basically we set cert in /etc/sssd/pki/ as doc[1] says. and we have issue with Permission Denied. If we put /etc/sssd/pki/** r, in apparmor profile. it works. Although the path could be set to different path but no specific path for it and we mentioned it in doc[1] so It would be good if we can add above path to apparmor profile. I don't have 100% the same reproducer but I can test simple one. sudo aa-exec -p /usr/sbin/sssd -- cat /etc/sssd/pki/sssd_auth_ca_db.pem Thanks. [1] https://manpages.ubuntu.com/manpages/noble/man5/sssd.conf.5.html ** Affects: sssd (Ubuntu) Importance: Undecided Status: New ** Tags: sts ** Tags added: sts -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2109673 Title: sssd apparmor profile need /etc/sssd/pki/** r To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/2109673/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
