[pkg-apparmor] Bug#883256: apparmor-profiles-extra: Totem can't access files outside $HOME

[Philip Rinn]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

sorry for replying so late. Thanks for all of you for your input!

On 07.12.2017 at 08:51, intrigeri wrote:
> The Totem profile allows common locations for media files outside of $HOME,
> such as /{media,mnt,opt,srv}/**. Where are the files you're trying to play
> located? If they are in one of the supposedly allowed directories, please
> provide the AppArmor denial logs.

The files I tried to access are in /bigdata/Filme/**. I added this line in
/etc/apparmor.d/local/usr.bin.totem

owner /bigdata/Filme/** rw,

and everything works.

I didn't look into <abstractions/totem> before filing the bug (due to not being
familiar with how apparmor profiles work). If I had, I wouldn't have filed the
bug. I think the behavior of the profile is totally fine, feel free to close the
bug.

Best,

Philip
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEK9jU45eVX3dG2zuJrWkWlnOTmCsFAlopXG8ACgkQrWkWlnOT
mCsvDw//SzQmQrq55bd0i0eKuIYpwLKOFDzPYG7TX1S79sfwpWo6I6HvHuu6fUzS
ws5ksGpd5wRvJJgSzPgYqQmQW2pe3gsS9ZJynZxvv4zfxLVpEjN8OEgys7PVRs9r
36XC6CsjjjFymprnAqOR/EnGvjXTDJ7xVHjvhene7ZvGGTlLQIQjeWmVLfsRiqo4
ozbifiYxg/7r2WRD8uCeBOASpUP3iOQpUWHHnQLEc3a9xYIe7dWFHKviFE1QWyFZ
zh/MxEaiD48++OCGP4MoyRaDPQ1tKIBmvDVe9b4zMyjGpi4q/bjRRIglnKqXfNF6
BRIjRBY8K2xe3X8ucFlX5qpWtj2SEgp3jnR4VnsfACvoq+ueKkkvCHiu59sQXcyd
3uKhZd5+HjHu315xb+tNseZ9SdiOPKCIzxh4Bw7W8e7Z1VIXIpDJgS3VTuDgCA9r
mjWwHPIZQpPP3KxwucmIwsl2DI5fahrLobUW2E6l5ZExbZTxqJlosnlgBtOXEdNF
KoQPfZk+a+1PJq4w2H2MuB1KcfxPbB80wJVQiPoEi9i2Y3rX8bNM5L/ep22FHouH
PWe1OhZ7yrhKokcA2X4weOcAWamMjpaSfRjoUC1wtlP3CEFEXWldxml3vIXLGUaX
yxmQ3CPk3x4ZuHnu8fN9Rg/V6HEX2T+BAPKus6WlxSs9VI8whFU=
=cyha
-----END PGP SIGNATURE-----