Closed jmcclelland closed 5 years ago
However, that doesn't work either because apparmor seems to think executables should only be run from /bin/, /usr/bin/, /usr/local/bin/ etc. and currently textern.py is being installed in /usr/local/libexec/textern (probably becaues it includes both textern.py and inotify_simple).
See https://github.com/jlebon/textern/issues/10 for why we install to /usr/libexec
.
I don't know much about AppArmor, though would it not be possible to just add a profile for the /usr/libexec/textern
location? If the path really needs to change, note that it is configurable at install time via the LIBEXEC
dir.
Ok - thanks for the feedback. And yes, I can work around this with firejail/apparmour.
If firefox is running via apparmor (or via firejail which might be running via apparmor) then it won't work.
Apparmor prevents applications from being run from the home directory, so USER=1 is out. That seems ok to me. If you are running apparmor you should use the global install option.
However, that doesn't work either because apparmor seems to think executables should only be run from /bin/, /usr/bin/, /usr/local/bin/ etc. and currently textern.py is being installed in /usr/local/libexec/textern (probably becaues it includes both textern.py and inotify_simple).
I think the best option would be to put textern.py in /usr/local/bin and insruct people to install inotify_simple using pip3.