[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#959399: libreoffice-common: Using libreoffice results in many AppArmor "ALLOWED" log messages in kernel syslog

Hi again.

On Sat, May 02, 2020 at 03:56:26AM +0200, Rene Engelhard wrote:
> > A small sampling of messages (obfuscated):
> > 
> > May  1 17:19:49 host kernel: [ 9201.656675] audit: type=1400 audit(1588371589.713:822): apparmor="ALLOWED" operation="mknod" profile="libreoffice-soffice" name="/raid/home/user/.config/libreoffice/4/user/GpDXp7" pid=16453 comm="configmgrWriter" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
> 
> why /raid as extra mountpoint and not /home directly or / directly or if
> that's not intended some bind mounts to have /home on a "known"
> location? So that stuff like this doesn't knowingly break?
> Or is that the case?

And what is your @HOME set for in apparmor sense?

  owner @{HOME}/.config/libreoffice{,dev}/** rwk,

is in the profile, which allows the owner of the config dir in @{HOME}
access.

So I just bet that setting needs to be globally adapted
for apparmor?
(Or use standard paths.)

Regards,

Rene
Reply to: