From 1250402471d9d83134b0faa90239a733a37f23f0 Mon Sep 17 00:00:00 2001 From: Vincas Dargis Date: Sat, 12 Jan 2019 12:34:22 +0200 Subject: [PATCH] qt5-compose-cache-write: fix anonymous shared memory access Qt5 applications produces deny message when saving compose cache files: ``` type=AVC msg=audit(1547287756.436:198): apparmor="DENIED" operation="link" profile="qtox" name="/home/vincas/.cache/qt_compose_cache_little_endian_4982ae57498642c5997565013f7ffe4e" pid=2878 comm="qtox" requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 target="/home/vincas/.cache/#919806" ``` Add file rule to enable writing anonymous shared memory file. --- profiles/apparmor.d/abstractions/qt5-compose-cache-write | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/profiles/apparmor.d/abstractions/qt5-compose-cache-write b/profiles/apparmor.d/abstractions/qt5-compose-cache-write index e4f50f31d..38cb23486 100644 --- a/profiles/apparmor.d/abstractions/qt5-compose-cache-write +++ b/profiles/apparmor.d/abstractions/qt5-compose-cache-write @@ -3,5 +3,6 @@ # User files - owner @{HOME}/.cache/qt_compose_cache_{little,big}_endian_* rw, + owner @{HOME}/.cache/qt_compose_cache_{little,big}_endian_* rwl -> @{HOME}/.cache/#[0-9]*[0-9], + owner @{HOME}/.cache/#[0-9]*[0-9] rw, # QSaveFile (anonymous shared memory)