[pkg-apparmor] Akonadi's Apprmor profile and apparmor-notify
Seth Arnold
seth.arnold at canonical.com
Fri Nov 15 02:01:39 GMT 2019
On Fri, Nov 15, 2019 at 01:42:50AM +0100, Sandro Knauß wrote:
> Is there any way to tell apparmor-notify to ignore some blocked files?
> [0] https://salsa.debian.org/qt-kde-team/kde/akonadi/tree/master/debian/apparmor
> [1] https://lists.debian.org/msgid-search/1957389.UGfkjfElqS@bagend
Hello hefee, thanks for the report. If Akonadi should never read
~/.pgpass then that can be done by adding the following line to the
usr.bin.akonadiserver profile:
deny @{HOME}/.pgpass r,
This will silence the denial entirely. Because this can be *extremely*
confusing in the event that someone needs their application to read it,
it may not be a great idea to ship this rule in the profile by default.
Users can add this rule to file /etc/apparmor.d/local/usr.bin.akonadiserver
to silence the messages. That might not be any less confusing if they ever
wish to use ~/.pgpass, but it would affect fewer people.
> Are endusers the audience for apparmor-notify?
Yes, it is. If you've got suggestions for improvements or other feedback
please do share :)
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-apparmor-team/attachments/20191115/8a846cba/attachment.sig>
More information about the pkg-apparmor-team
mailing list