[pkg-apparmor] Bug#882048: Bug#882048: apparmor should let thunderbird use signatures from files
Vincas Dargis
vindrg at gmail.com
Sat Nov 18 09:22:47 UTC 2017
On 2017.11.18 04:07, Ben Caradoc-Davies wrote:
> when apparmor is enabled, thunderbird signatures from files disappear. For
> example, one account uses: "Attach the signature from a file instead":
> /home/ben/.signature-ben at transient.nz
You mean, signatures are not loaded into Thunderbird, or these files where removed from the file system?
Anyway, this is rather strange, usr.bin.thunderbird allows to read all files from home directory [0]:
```
owner @{HOME}/** rw,
```
Maybe it needed lock permission? Could you try to discover relevant DENIED messages from logs?
I'll try to test that signature feature on my machine.
> If I disable apparmor with "systemctl mask apparmor.service" and reboot,
> thunderbird signatures from files work again.
Oh now, please don't do that :( . All your discovered AppArmor related issues are valuable.
You can try to enforce complain on profile manually by creating symlink (just tried that myself):
```
sudo ln -s /etc/apparmor.d/usr.bin.thunderbird /etc/apparmor.d/force-complain/usr.bin.thunderbird
sudo apparmor_parser -r /etc/apparmor.d/usr.bin.thunderbird
```
More information about the pkg-apparmor-team
mailing list