search

roddhjav / apparmor.d

Full set of AppArmor profiles (~ 1500 profiles)
https://apparmor.pujol.io
GNU General Public License v2.0
395 stars 34 forks source link

fix(xdg-permission-store): add `nameservice-strict` and `.local/` #363

Closed REmerald closed 3 weeks ago

REmerald commented 3 weeks ago

Should fix

$ aa-log xdg-permission-store 
ALLOWED xdg-permission-store open /etc/nsswitch.conf comm=xdg-permission- requested_mask=r denied_mask=r
ALLOWED xdg-permission-store open /etc/passwd comm=xdg-permission- requested_mask=r denied_mask=r
ALLOWED xdg-permission-store mkdir owner /.local/ comm=xdg-permission- requested_mask=c denied_mask=c
$ aa-log -r xdg-permission-store 
profile xdg-permission-store {
  owner /.local/ w,

  /etc/nsswitch.conf r,
  /etc/passwd r,
}
roddhjav commented 3 weeks ago

Tthanks, merged.