1
0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00

fix(apparmor): Fix accessibility DBus access

AppArmor denies access to a11y:
```
Jan 26 15:23:31 vincas-ubuntu1804 dbus-daemon: apparmor="DENIED"
operation="dbus_method_call"  bus="accessibility"
path="/org/freedesktop/DBus" interface="org.freedesktop.DBus"
member="Hello" mask="send" name="org.freedesktop.DBus" pid=8011
label="qtox" peer_label="unconfined"

Jan 26 15:23:31 vincas-ubuntu1804 dbus-daemon[1474]: apparmor="DENIED"
operation="dbus_method_call"  bus="session" path="/org/a11y/bus"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.a11y.Bus" pid=8011 label="qtox" peer_pid=1620
peer_label="unconfined"
```

Include dbus-accessibility abstraction and one addition dbus rule to fix
denies.
This commit is contained in:
Vincas Dargis 2019-01-26 15:35:22 +02:00
parent aef4705636
commit a67faf2976
2 changed files with 20 additions and 0 deletions

View File

@ -8,6 +8,7 @@
profile qtox /usr{,/local}/bin/qtox { profile qtox /usr{,/local}/bin/qtox {
#include <abstractions/audio> #include <abstractions/audio>
#include <abstractions/base> #include <abstractions/base>
#include <abstractions/dbus-accessibility>
#include <abstractions/dbus-session-strict> #include <abstractions/dbus-session-strict>
#include <abstractions/dri-enumerate> #include <abstractions/dri-enumerate>
#include <abstractions/gnome> #include <abstractions/gnome>
@ -38,6 +39,15 @@ profile qtox /usr{,/local}/bin/qtox {
network tcp, network tcp,
network udp, network udp,
# DBus
dbus send
bus=session
path=/org/a11y/bus
interface=org.freedesktop.DBus.Properties
member=Get
peer=(label=unconfined),
# System files # System files
@{qtox_additional_rw_dirs}/ r, @{qtox_additional_rw_dirs}/ r,

View File

@ -8,6 +8,7 @@
profile qtox /usr{,/local}/bin/qtox { profile qtox /usr{,/local}/bin/qtox {
#include <abstractions/audio> #include <abstractions/audio>
#include <abstractions/base> #include <abstractions/base>
#include <abstractions/dbus-accessibility>
#include <abstractions/dbus-session-strict> #include <abstractions/dbus-session-strict>
#include <abstractions/dri-enumerate> #include <abstractions/dri-enumerate>
#include <abstractions/gnome> #include <abstractions/gnome>
@ -44,6 +45,15 @@ profile qtox /usr{,/local}/bin/qtox {
network tcp, network tcp,
network udp, network udp,
# DBus
dbus send
bus=session
path=/org/a11y/bus
interface=org.freedesktop.DBus.Properties
member=Get
peer=(label=unconfined),
# System files # System files
@{qtox_additional_rw_dirs}/ r, @{qtox_additional_rw_dirs}/ r,