On Wed, Aug 20, 2014 at 11:13:16AM +0200, pinguin74 wrote:
Am 20.08.2014 11:08, schrieb Marcus Meissner:
On Wed, Aug 20, 2014 at 10:57:04AM +0200, pinguin74 wrote:
Hello,
I get messages like
type=AVC msg=audit(1408524808.350:451575): apparmor="DENIED" operation="open" profile="/usr/bin/vlc" name="/usr/share/icons/oxygen/index.theme" pid=11244 comm="vlc" requested_mask="r" denied_mask="r" fsuid=500 ouid=0
Though I have set this rule:
/usr/share/icons/**/ rk,
I wonder, why does this rule not work?
Similar things happen with other thins.
logprof
should decode and handle that.
Also, is the new profile loaded? If you just edit it with text editor, it will not become active automatically
I guess it was bad syntax, instead of
/usr/share/icons/**/ rk,
I think it should be
/usr/share/icons/** rk,
One more thing, I get access requests, I don´t understand:
type=AVC msg=audit(1408525713.601:451780): apparmor="DENIED" operation="open" profile="/usr/bin/vlc" name=2F686F6D652F6D616C74655F67656C6C2F2E69636F6E732F4772696666696E20456D6265727320437572736F72732F637572736F72732F6C6566745F707472 pid=11933 comm="vlc" requested_mask="r" denied_mask="r" fsuid=500 ouid=5
What is this numeric monster 2F686F6D652F6D616C74655F67656C6C2..... vlc wants to access?
It is ascii encoded string with special characters. (where special can be SPACE or ") 2F = / 68 = h 6F = o ... There seems to be as space (20) inside a path you access. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org