[Pkg-xfce-devel] Bug#747159: Processed: Re: Bug#742829
Daniel Richard G.
skunk at iSKUNK.ORG
Tue May 6 20:49:07 UTC 2014
On Tue, 2014 May 6 11:32+0200, Yves-Alexis Perez wrote:
>
> Note that the “destination” maintainers don't get a copy of your mail
> when you reassign a bug, so it's usually a good idea to add them to
> CC: for that mail.
Thanks; as you probably noticed, I'm still new to BTS control-fu :]
> About the issue itself, feel free to provide a patch for the
> integrated AppArmor profile. Note that this profile is intended for
> the lightdm “guest” session support, which is not yet available by
> default on Debian (but that doesn't mean we can't fix it).
A patch would be fairly simple:
--- /etc/apparmor.d/abstractions/lightdm_chromium-browser.orig 2014-04-28 15:33:22.000000000 -0400
+++ /etc/apparmor.d/abstractions/lightdm_chromium-browser 2014-05-06 16:40:08.014693614 -0400
@@ -8,7 +8,7 @@
# abstractions/lightdm, this abstraction must be separate from
# abstractions/lightdm.
- /usr/lib/chromium-browser/chromium-browser Cx -> chromium_browser,
+ /usr/lib/chromium/chromium Cx -> chromium_browser,
profile chromium_browser {
# Allow all the same accesses as other applications in the guest session
#include <abstractions/lightdm>
@@ -29,5 +29,5 @@
/selinux/ r,
- /usr/lib/chromium-browser/chromium-browser-sandbox ix,
+ /usr/lib/chromium/chrome-sandbox ix,
}
Given that this also comes from Ubuntu-land, however, intrigeri's
suggestion of parameterizing the profiles with tunables is looking all
the better.
More information about the Pkg-xfce-devel
mailing list