1
0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00
qTox/security/apparmor/2.13.3
Vincas Dargis 44299604b0
fix(apparmor): Allow access to Aspell personal dictionaries
Running qTox under AppArmor confinement produces these `DENIED` messages:

```
type=AVC msg=audit(1589897925.045:793): apparmor="DENIED"
operation="open" profile="qtox" name="/home/vincas/.aspell.en.pws"
pid=36671 comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=1000
```
```
type=AVC msg=audit(1589897925.045:794): apparmor="DENIED"
operation="open" profile="qtox" name="/home/vincas/.aspell.en.prepl"
pid=36671 comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=1000
```
```
type=AVC msg=audit(1589996245.245:1193): apparmor="DENIED"
operation="file_lock" profile="qtox" name="/home/vincas/.aspell.en.pws"
pid=53202 comm="qtox" requested_mask="k" denied_mask="k" fsuid=1000
ouid=1000
```
```
type=AVC msg=audit(1589996245.245:1194): apparmor="DENIED"
operation="file_lock" profile="qtox"
name="/home/vincas/.aspell.en.prepl" pid=53202 comm="qtox"
requested_mask="k" denied_mask="k" fsuid=1000 ouid=1000
```

Add file rule to allow reading and locking Aspell-specific user files [0].

[0] http://aspell.net/man-html/Format-of-the-Personal-and-Replacement-Dictionaries.html

(cherry picked from commit 6a21d96214)
2020-11-22 19:58:42 -08:00
..
tunables feat(apparmor): Add AppArmor 2.13.3 profile 2020-11-22 19:57:22 -08:00
install.sh feat(apparmor): Add AppArmor 2.13.3 profile 2020-11-22 19:57:22 -08:00
usr.bin.qtox fix(apparmor): Allow access to Aspell personal dictionaries 2020-11-22 19:58:42 -08:00