Re: Re: Thunderbird no longer opens links

To: "Alexander V. Makartsev" <avbetev@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: Re: Thunderbird no longer opens links
From: Vincas Dargis <vindrg@gmail.com>
Date: Sun, 3 Dec 2017 10:49:42 +0200
Message-id: <[🔎] 30eefe4e-8ebb-e465-6638-95ef8928fbe1@gmail.com>
In-reply-to: <[🔎] c47d34e5-abd6-0d36-460e-7c6bea033954@gmail.com>
References: <[🔎] c47d34e5-abd6-0d36-460e-7c6bea033954@gmail.com>

On 2017-12-03 01:07, Alexander V. Makartsev wrote:

If I understood this correctly, aa-complain will only switch profile to "complain mode"(log, but don't block). This iseffectively the same as disabling the profile, which is not a good solution.

I believe "deny" rules still apply even on complain mode. If profile has "private-files" abstraction included, your~/.bash* files will be still protected.

"aa-complain" is useful for debugging and writing my own profiles, but it won't be as useful when partially brokenprofile is coming from package, because any user-modifications will be over-written after package updates.

User modifications can be place into "local" includes, for Thunderbird it's `/etc/apparmor.d/local/usr.bin.thunderbird`,they will not be overwritten.


Do not forget to reload profile with `sudo apparmor_parser -r /etc/apparmor.d/usr.bin.thunderbird` afterwards.

If you believe that these local modifications could be useful for other use cases, please report a bug with usertagmodify-profile or buggy-profile [0]


[0] https://wiki.debian.org/AppArmor/Reportbug#Usertags

Reply to:

Follow-Ups:
- Re: Thunderbird no longer opens links
  - From: "Alexander V. Makartsev" <avbetev@gmail.com>

References:
- Re: Thunderbird no longer opens links
  - From: "Alexander V. Makartsev" <avbetev@gmail.com>

Prev by Date: <SOLVED> Re: A user with two faces?
Next by Date: Re: BIOS Can Not Find Disk
Previous by thread: Re: Thunderbird no longer opens links
Next by thread: Re: Thunderbird no longer opens links
Index(es):
- Date
- Thread