Hi, Am 08.02.25 um 10:26 schrieb Sam Pinkus:
Thanks for the prompt Reply Rene. On 2/8/25 00:30, Rene Engelhard wrote:Am 07.02.25 um 07:22 schrieb Sam Pinkus:[27118.177316] audit: type=1400 audit(1738906497.646:1573): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/home/sam/.thunderbird/vk9x5555.default/key4.db" pid=45330 comm="soffice.bin" requested_mask="wrc" denied_mask="wrc" fsuid=1000 ouid=1000 [27118.177373] audit: type=1400 audit(1738906497.646:1574): apparmor="ALLOWED" operation="file_lock" profile="libreoffice-soffice" name="/home/sam/.thunderbird/vk9x5555.default/key4.db" pid=45330 comm="soffice.bin" requested_mask="k" denied_mask="k" fsuid=1000 ouid=1000(Looking up certificates for signing. Usually firefox, but..)Oh OK. I can see a related setting there in the UI now. I guess it's initial probing to set guess at a default certificate path.
Yes.
It would be great if it didn't do this by default, because I got this without going anywhere near any libreoffice signing settings.
Maybe, i am not going to change it though :)
Also note there is no apparmor rule about the key9.db, even for firefox.
Yes, indeed. (Then again those profiles are not really maintained unfortunately - this is also one of the reasons they are in complain mode..) Regards, Rene