1. 19 Jan, 2019 2 commits
    • Christian Boltz's avatar
      Merge branch 'update-mesa' into 'master' · 91dc2c4c
      Christian Boltz authored
      mesa: allow reading drirc.d
      
      See merge request !308
      
      Acked-by: Christian Boltz <apparmor@cboltz.de> for 2.12..master
      91dc2c4c
    • Vincas Dargis's avatar
      mesa: allow reading drirc.d · b5be5964
      Vincas Dargis authored
      Recent Mesa update introduces new denies:
      
      ```
      type=AVC msg=audit(1547905564.212:523): apparmor="DENIED"
      operation="open" profile="supertuxkart" name="/usr/share/drirc.d/"
      pid=15740 comm="supertuxkart" requested_mask="r" denied_mask="r"
      fsuid=1000 ouid=0
      ```
      
      ```
      type=AVC msg=audit(1547905896.307:548): apparmor="DENIED"
      operation="open" profile="supertuxkart"
      name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=15963 c
      omm="supertuxkart" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
      ```
      
      Add rule to allow reading newly required paths.
      b5be5964
  2. 14 Jan, 2019 3 commits
  3. 13 Jan, 2019 1 commit
  4. 12 Jan, 2019 3 commits
    • Vincas Dargis's avatar
      audio: Fix alsa settings access · 73f01196
      Vincas Dargis authored
      OpenAL application on Debian Buster produces deny message:
      ```
      type=AVC msg=audit(1547295526.633:732): apparmor="DENIED"
      operation="open" profile="supertuxkart" name="/etc/alsa/conf.d/"
      pid=13963 comm="supertuxkart" reque
      sted_mask="r" denied_mask="r" fsuid=1000 ouid=0
      ```
      
      Add file rule to allow reading Alsa configuration files.
      73f01196
    • Vincas Dargis's avatar
      qt5-settings-write: fix anonymous shared memory access · f1200873
      Vincas Dargis authored
      *Add anonymous shared memory access rule for QtSettings.conf file
      itself.
      * Reduce strictness of anonymous shared memory file names - numbers in
      them can be smaller or bigger.
      * Fix consistency - require anonymous shared memory file names to end
      with digit in all rules.
      f1200873
    • Vincas Dargis's avatar
      qt5-compose-cache-write: fix anonymous shared memory access · 12504024
      Vincas Dargis authored
      Qt5 applications produces deny message when saving compose cache files:
      
      ```
      type=AVC msg=audit(1547287756.436:198): apparmor="DENIED"
      operation="link" profile="qtox"
      name="/home/vincas/.cache/qt_compose_cache_little_endian_4982ae57498642c5997565013f7ffe4e"
      pid=2878 comm="qtox" requested_mask="l" denied_mask="l" fsuid=1000
      ouid=1000 target="/home/vincas/.cache/#919806"
      ```
      
      Add file rule to enable writing anonymous shared memory file.
      12504024
  5. 09 Jan, 2019 1 commit
  6. 07 Jan, 2019 1 commit
  7. 03 Jan, 2019 5 commits
  8. 21 Dec, 2018 2 commits
  9. 18 Dec, 2018 3 commits
  10. 17 Dec, 2018 2 commits
  11. 09 Dec, 2018 1 commit
  12. 08 Dec, 2018 7 commits
  13. 07 Dec, 2018 2 commits
  14. 06 Dec, 2018 4 commits
  15. 30 Nov, 2018 3 commits