1
0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00
Commit Graph

7 Commits

Author SHA1 Message Date
Vincas Dargis
aef4705636 fix(apparmor): Fix qTox cache access
AppAmor denies access to qTox cache directory:
```
type=AVC msg=audit(1548508759.153:640): apparmor="DENIED"
operation="mkdir" profile="qtox" name="/home/vincas/.cache/qTox/"
pid=7802 comm="qtox" requested_mask="c" denied_mask="c" fsuid=1000
ouid=1000
```

Add rule to allow access to qTox cache directory.
2019-03-25 20:14:01 +02:00
Vincas Dargis
9fc8933883 fix(apparmor): Add ibus abstraction
IBus-related rules are needed detected on Gnome-based desktop (Ubuntu
18.40):
```
type=AVC msg=audit(1548508639.169:546): apparmor="DENIED"
operation="open" profile="qtox"
name="/home/vincas/.config/ibus/bus/c3d8689228fc49d8867d4e63e4408e23-unix-0"
pid=7653 comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=1000
```

Include ibus abstraction to fix IBus functionality.
2019-03-25 20:14:01 +02:00
Vincas Dargis
6aa4435d17 fix(apparmor): Backport qt5 abstraction for v2.12.1 profile
AppArmor 2.12.1 does not have qt5 abstraction, with Qt5-related rules.

Backport qt5 abstraction from AppArmor upstream as inline rules.
2019-03-25 20:14:01 +02:00
Vincas Dargis
5fad77b9f8 fix(apparmor): Fix loading libraries from custom install prefix
If qtox is installed in /usr/local prefix (for example), launching qTox
fails because loading libraries from @{qtox_prefix} directory was not
allowed.

Add rule to allow loading libraries from @{qtox_prefix}/lib directory.
2019-03-25 20:14:01 +02:00
Vincas Dargis
f8f7a2d145 fix(apparmor): Fix AppArmor profile for version 2.12.1
* Remove `include if exists` usage.
* Remove @{uid} usage.
* Backport missing AppArmor abstractions as inline rules.
2019-03-25 20:14:00 +02:00
Vincas Dargis
d6ef3d2eae feat(apparmor): Add AppArmor v2.12.1 profile
Copy 2.13.2 profile into 2.12.1 place to be the starting point for
modifying (backporting) AppArmor profile for version 2.12.1 (on Ubuntu
18.04, Debian Stretch, etc).

At this point 2.12.1 profile does not work, as AppArmor v2.12.1 does not
have needed abstractions and policy language features (such as `include
if exists`). Followup commits will fix these issues.
2019-03-25 20:14:00 +02:00
Vincas Dargis
89514eee6d feat(apparmor): Add AppArmor profile
Introduce AppArmor profile, designed to work with AppArmor version
2.13.2 (Debian Buster).
2019-03-25 20:14:00 +02:00