Ok, thanks for making it clearer, not sure if that's triggered by using authd that implies that NSS requests are going to connect to `/run/authd.sock`.
I'm unsure if we should actually make authd to ship an apparmor rule, but apparmor should actually assume that *any* application doing an NSS request (so likely, mostly any app) should have access to the socket. We were thinking to actually wrap this internally though, so that all the NSS requests will be wrapped through a single binary and that should be the only one allowed to access the socket. But this is something that needs a bit of work yet. ** Summary changed: - file picker broken due to apparmor blocking fusermount3 + document portal broken due to apparmor blocking fusermount3 to access authd -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2129704 Title: document portal broken due to apparmor blocking fusermount3 to access authd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2129704/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
