mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge Allow write access to /run/user/*/dconf/user

Browse source 
Gtk applications like Firefox request write access to the file
`/run/user/1000/dconf/user`. The code in `dconf_shm_open` opens the file
with `O_RDWR | O_CREAT`.

4057f8c84f/shm/dconf-shm.c (L68)

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1471
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
This commit is contained in:
John Johansen 2025-01-09 09:46:55 +00:00
commit 0eca26c6c2
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
profiles/apparmor.d/abstractions/dconf
View file

@ -6,7 +6,8 @@
# be specified in a specific application's profile. # be specified in a specific application's profile.
@{etc_ro}/dconf/** r, @{etc_ro}/dconf/** r,
owner @{run}/user/*/dconf/user r, # TODO: make w conditional when an override is available, so it can be moved to a portal.
owner @{run}/user/*/dconf/user rw,
owner @{HOME}/.config/dconf/user r, owner @{HOME}/.config/dconf/user r,
# Include additions to the abstraction # Include additions to the abstraction