abstractions/base: allow read access to /run/uuidd/request

/run/uuidd/request is hardcoded in libuuid from util-linux and uuidd listens on this socket to provide random and time-based UUIDs in a secure manner (man 8 uuidd). Some applications (eg, python's uuid) prefer to use this socket, falling back to getrandom(), /dev/urandom, etc. Eg: $ strace -f aa-exec -p test -- \ python3 -c 'import uuid ; print("%s\n" % str(uuid.uuid1()))' ... socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = -1 EACCES (Permission denied) getrandom("\x8e\x89\xa5\xe7\x39\x1b", 6, GRND_NONBLOCK) = 6 ... uuidd itself produces random numbers using getrandom() and /dev/{,u}random (falling back to time-based if not), which are already allowed in the base abstraction. The uuidd daemon, when available, runs unprivileged under a dedicated user, so allowing read-only access to /run/uuidd/request is reasonable.
2025-03-04 08:24:42 +01:00 · 2019-12-17 15:56:23 -06:00 · 2019-12-17 15:56:23 -06:00 · 45fffc129f
commit 45fffc129f
parent 098f0a7b5f
1 changed files with 4 additions and 0 deletions
--- a/profiles/apparmor.d/abstractions/base
+++ b/profiles/apparmor.d/abstractions/base
@ -23,6 +23,10 @@
  /dev/log                       w,
  /dev/random                    r,
  /dev/urandom                   r,
+  # Allow access to the uuidd daemon (this daemon is a thin wrapper around
+  # time and getrandom()/{,u}random and, when available, runs under an
+  # unprivilged, dedicated user).
+  /run/uuidd/request             r,
  /etc/locale/**                 r,
  /etc/locale.alias              r,
  /etc/localtime                 r,