mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge abstractions/fonts: allow locking fontconfig user cache files

Browse source 
Got this after allowing `rw` access to `~/.cache/fontconfig/**`:

`Jun 20 00:41:26 testvm kernel: [3280307.358614] audit: type=1400 audit(1687236086.210:127519): apparmor="DENIED" operation="file_lock" profile="firefox" name="/home/username/.cache/fontconfig/a41116dafaf8b233ac2c61cb73f2ea5f-le64.cache-7" pid=1758224 comm="firefox" requested_mask="k" denied_mask="k" fsuid=1002 ouid=1002`

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1057
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
(cherry picked from commit 162aa447d2)
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen 2023-06-30 17:45:32 +00:00 committed by John Johansen
parent ac2dd196a6
commit 22f3146627
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
profiles/apparmor.d/abstractions/fonts
View file

@ -45,7 +45,7 @@
owner @{HOME}/.local/share/fonts/** r, owner @{HOME}/.local/share/fonts/** r,
owner @{HOME}/.fonts.cache-2 mr, owner @{HOME}/.fonts.cache-2 mr,
owner @{HOME}/.{,cache/}fontconfig/ rw, owner @{HOME}/.{,cache/}fontconfig/ rw,
owner @{HOME}/.{,cache/}fontconfig/** mrl, owner @{HOME}/.{,cache/}fontconfig/** mrkl,
owner @{HOME}/.fonts.conf.d/ r, owner @{HOME}/.fonts.conf.d/ r,
owner @{HOME}/.fonts.conf.d/** r, owner @{HOME}/.fonts.conf.d/** r,
owner @{HOME}/.config/fontconfig/ r, owner @{HOME}/.config/fontconfig/ r,