Giter VIP home page Giter VIP logo

Comments (7)

roddhjav avatar roddhjav commented on May 22, 2024 1

Hi, thanks for you issue & for the log.
Here, you simply need to personalize the list of directory where Git is expected to find git repositories.

This can easily be personallised for your needs using the XDG_PROJECTS_DIR variable: Add a file (the name does not matter) in /etc/apparmor.d/tunables/xdg-user-dirs.d/ with the following content:

@{XDG_PROJECTS_DIR}+="tmp" "go"

Then restart the apparmor service and you should not have issues anymore.

from apparmor.d.

roddhjav avatar roddhjav commented on May 22, 2024 1

Then add this too:

owner @{PROC}/@{pid}/stat r,
owner @{PROC}/@{pid}/cmdline r,
owner @{PROC}/@{pid}/environ r,
owner @{PROC}/@{pid}/task r,
owner @{PROC}/@{pid}/task/@{tid}/stat r,

from apparmor.d.

vbauerster avatar vbauerster commented on May 22, 2024

if it matters I triggered it with bare git command and lazygit tui as well.

from apparmor.d.

vbauerster avatar vbauerster commented on May 22, 2024

Thanks for the hint! It's ok now.

from apparmor.d.

vbauerster avatar vbauerster commented on May 22, 2024

I use git-delta as git config --global core.pager. Can you please advise what is the proper way to integrate it into the git profile?

aa-log 
ALLOWED git exec /usr/bin/delta comm=sh requested_mask=x denied_mask=x
ALLOWED git//null-/usr/bin/delta file_mmap /usr/bin/delta comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/ld-linux-x86-64.so.2 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /etc/ld.so.cache comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /usr/lib/libgit2.so.1.5.1 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libgit2.so.1.5.1 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libgcc_s.so.1 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libgcc_s.so.1 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libm.so.6 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libm.so.6 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libc.so.6 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libc.so.6 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libssl.so.3 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libssl.so.3 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libcrypto.so.3 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libcrypto.so.3 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libhttp_parser.so.2.9.4 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libhttp_parser.so.2.9.4 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libpcre2-8.so.0.11.1 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libpcre2-8.so.0.11.1 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libssh2.so.1.0.1 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libssh2.so.1.0.1 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /usr/lib/libz.so.1.2.13 comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta file_mmap /usr/lib/libz.so.1.2.13 comm=delta requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta open /proc/155276/maps comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/uptime comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155276/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155276/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155276/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155276/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155276/task/155304/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155276/task/155305/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155275/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta capable comm=find_calling_pr capname=sys_ptrace capability=19
ALLOWED git//null-/usr/bin/delta open /proc/155275/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155275/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/155275/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /etc/ssl/openssl.cnf comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /etc/ca-certificates/extracted/tls-ca-bundle.pem comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /home/vbauer/.local/share/kak/cork/plugins/kak-lsp/repo/.git/config comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /home/vbauer/.config/git/config comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /dev/null comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta exec /usr/bin/less comm=delta requested_mask=x denied_mask=x
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less file_inherit /dev/null comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less file_mmap /usr/bin/less comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less file_mmap /usr/lib/ld-linux-x86-64.so.2 comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /etc/ld.so.cache comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /usr/lib/libncursesw.so.6.4 comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less file_mmap /usr/lib/libncursesw.so.6.4 comm=less requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /usr/lib/libpcre2-8.so.0.11.1 comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less file_mmap /usr/lib/libpcre2-8.so.0.11.1 comm=less requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /usr/lib/libc.so.6 comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less file_mmap /usr/lib/libc.so.6 comm=less requested_mask=rm denied_mask=rm
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /home/vbauer/.terminfo/74/tmux-256color comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /usr/lib/locale/locale-archive comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /home/vbauer/.local/state/ comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /home/vbauer/.lesshst comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /dev/pts/3 comm=less requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less mknod /home/vbauer/.lesshsQ comm=less requested_mask=c denied_mask=c
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /home/vbauer/.lesshsQ comm=less requested_mask=wc denied_mask=wc
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less chmod /home/vbauer/.lesshsQ comm=less requested_mask=w denied_mask=w
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less rename_src /home/vbauer/.lesshsQ comm=less requested_mask=wrd denied_mask=wrd
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less rename_dest /home/vbauer/.lesshst comm=less requested_mask=wc denied_mask=wc
ALLOWED git//null-/usr/bin/delta open /proc/178155/maps comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178155/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178155/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178155/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178155/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178155/task/178169/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178155/task/178171/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178154/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178154/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178154/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/178154/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/maps comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/task/180001/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179992/task/180003/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179991/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179991/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179991/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /proc/179991/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta open /home/vbauer/go/src/github.com/vbauerster/kampliment/.git/config comm=delta requested_mask=r denied_mask=r
ALLOWED git//null-/usr/bin/delta//null-/usr/bin/less open /dev/pts/5 comm=less requested_mask=r denied_mask=r

from apparmor.d.

roddhjav avatar roddhjav commented on May 22, 2024

Simply do add this line and you should be good:

  /{usr/,}bin/delta          rix,

from apparmor.d.

vbauerster avatar vbauerster commented on May 22, 2024

I actually did exactly that, but then got another git related log:

ALLOWED git open /proc/378635/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378635/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378635/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378635/task/ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378635/task/378645/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378635/task/378650/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378633/stat comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378633/cmdline comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378633/environ comm=find_calling_pr requested_mask=r denied_mask=r
ALLOWED git open /proc/378633/task/ comm=find_calling_pr requested_mask=r denied_mask=r

from apparmor.d.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.