On Sat, 2015-04-18 at 22:59 +0300, Alberto Mardegan wrote: > On 04/18/2015 12:11 AM, Darren Smith wrote: > [...] > > I then try to open the file using quazip but get denied by apparmor: > > > > Apr 17 21:56:31 ubuntu-phablet kernel: [226697.166126]type=1400 > > audit(1429304191 > > .476:898): apparmor="DENIED" operation="open" > > profile="<username>_<appname>_0.1" nam > > > > e="/home/phablet/.cache/<appname>.<username>/HubIncoming/<number>/example.zip" > > pid=234 > > 01 comm="qmlscene" requested_mask="r" denied_mask="r" fsuid=32011 > > ouid=32011 > > > > Any ideas what I'm doing wrong? > > I hope I'm not putting you off track, but I believe that the problem is > that the file is under > > ~/.cache/<appname>.<username>/ > > while your app should have access to > > ~/.cache/<username>/ > > only. That is, an app whose security label is <package>_<app>_<version> > has access to ~/.cache/<package>/ .
I think that you're correct it is a path issue, but what changed is the default for package names. Now the store is defaulting package names to "<appname>.<username>", so if you have the default layout, you end up with an AppID like this: $(appname).$(username)_$(appname)_$(version) Now, to be clear, that's a store thing in that the rest of the system sees that as a package. And it still won't always be that format for things like collections. For example a package of card games that shares common assets. They'd probably be something like: cardgames.developer_rummy_1.2.3. Also, as we get groups for developer uploads username will probably be, for most projects, a group name. The result is that all of the directories that are setup $(package) but for many people they'll think of them as "$(appname).$(username)" as that's what they'll recognize the strings as. Ted
-- Mailing list: https://launchpad.net/~ubuntu-phone Post to : [email protected] Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
