Giter VIP home page Giter VIP logo

Comments (6)

nobody43 avatar nobody43 commented on June 5, 2024 1

I will answer while Alex is busy.
Your options are:
aa-log (comes with this package)
tail /var/log/audit/audit.log (requires auditd package)
tail /var/log/syslog (requires rsyslog package)
tail /var/log/messages
dmesg

from apparmor.d.

nobody43 avatar nobody43 commented on June 5, 2024

That's quite extensive. @roddhjav, I could do this.

  firefox
[/etc/timezone r,]                                 operation=open comm=firefox-esr
[/tmp/00UAI2.tmp r,]                               operation=open,rename_src comm=firefox-esr
[@{bin}/speech-dispatcher rx,]                     path_diffs=/usr/bin operation=exec comm='speechd init'

  firefox▶speech-dispatcher
[/etc/speech-dispatcher/clients/ r,]               operation=open comm=speech-dispatch
[/etc/speech-dispatcher/clients/emacs.conf r,]     operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/ r,]               operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/dtk-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/epos-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/espeak-mbrola-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/espeak-ng-mbrola-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/llia_phon-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/mary-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/mimic3-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/modules/swift-generic.conf r,] operation=open comm=speech-dispatch
[/etc/speech-dispatcher/speechd.conf r,]           operation=open comm=speech-dispatch
[@{bin}/dash rx,]                                  path_diffs=/usr/bin operation=exec comm=speech-dispatch
[@{bin}/speech-dispatcher r,]                      path_diffs=/usr/bin operation=file_mmap comm=speech-dispatch
[@{lib}/speech-dispatcher-modules/sd_dummy rx,]    path_diffs=/usr/lib operation=exec comm=speech-dispatch
[@{lib}/speech-dispatcher-modules/sd_espeak-ng rx,] path_diffs=/usr/lib operation=exec comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/ c,]   path_diffs=/run,1000 operation=mkdir comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/log/ c,] path_diffs=/run,1000 operation=mkdir comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/log/debug/ c,] path_diffs=/run,1000 operation=mkdir comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/log/dummy.log wc,] path_diffs=/run,1000 operation=mknod,open comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/log/espeak-ng-mbrola.log wc,] path_diffs=/run,1000 operation=mknod,open comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/log/espeak-ng.log wc,] path_diffs=/run,1000 operation=mknod,open comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/log/speech-dispatcher.log wc,] path_diffs=/run,1000 operation=file_perm,mknod,open comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/pid/ c,] path_diffs=/run,1000 operation=mkdir comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/pid/speech-dispatcher.pid wdck,] path_diffs=/run,1000 operation=file_lock,mknod,open,unlink comm=speech-dispatch
[owner @{run}/user/@{uid}/speech-dispatcher/speechd.sock c,] path_diffs=/run,1000 operation=mknod comm=speech-dispatch

  firefox▶speech-dispatcher▶/usr/lib/speech-dispatcher-modules/sd_dummy
[/dev/shm/ r,]                                     operation=open comm=sd_dummy
[/etc/machine-id r,]                               operation=open comm=threaded-ml
[/etc/pulse/client.conf r,]                        operation=open comm=sd_dummy
[/etc/pulse/client.conf.d/ r,]                     operation=open comm=sd_dummy
[owner @{run}/user/@{uid}/pulse/ r,]               path_diffs=/run,1000 operation=open comm=sd_dummy
[owner @{run}/user/@{uid}/speech-dispatcher/log/dummy.log w,] path_diffs=/run,1000 operation=file_inherit comm=sd_dummy
[owner @{run}/user/@{uid}/speech-dispatcher/log/espeak-ng.log w,] path_diffs=/run,1000 operation=file_inherit comm=sd_dummy
[owner @{run}/user/@{uid}/speech-dispatcher/log/speech-dispatcher.log a,] path_diffs=/run,1000 operation=file_inherit comm=sd_dummy
[owner @{run}/user/@{uid}/speech-dispatcher/pid/speech-dispatcher.pid w,] path_diffs=/run,1000 operation=file_inherit comm=sd_dummy
[owner @{user_config_dirs}/pulse/cookie rk,]       path_diffs=/home/user/.config operation=file_lock,open comm=threaded-ml

  firefox▶speech-dispatcher▶/usr/lib/speech-dispatcher-modules/sd_espeak-ng
[/dev/shm/ r,]                                     operation=open comm=sd_espeak-ng,sd_espeak-ng-mb
[/etc/machine-id r,]                               operation=open comm=threaded-ml
[/etc/pulse/client.conf r,]                        operation=open comm=sd_espeak-ng,sd_espeak-ng-mb
[/etc/pulse/client.conf.d/ r,]                     operation=open comm=sd_espeak-ng,sd_espeak-ng-mb
[/etc/speech-dispatcher/modules/espeak-ng-mbrola.conf r,] operation=open comm=sd_espeak-ng-mb
[/etc/speech-dispatcher/modules/espeak-ng.conf r,] operation=open comm=sd_espeak-ng
["@{lib}/x86_64-linux-gnu/espeak-ng-data/voices/!v/Mr serious" r,] path_diffs=/usr/lib operation=open comm=sd_espeak-ng,sd_espeak-ng-mb
[owner @{run}/user/@{uid}/pulse/ r,]               path_diffs=/run,1000 operation=open comm=sd_espeak-ng,sd_espeak-ng-mb
[owner @{run}/user/@{uid}/speech-dispatcher/log/espeak-ng-mbrola.log w,] path_diffs=/run,1000 operation=file_inherit comm=sd_espeak-ng-mb
[owner @{run}/user/@{uid}/speech-dispatcher/log/espeak-ng.log w,] path_diffs=/run,1000 operation=file_inherit comm=sd_espeak-ng
[owner @{run}/user/@{uid}/speech-dispatcher/log/speech-dispatcher.log a,] path_diffs=/run,1000 operation=file_inherit comm=sd_espeak-ng-mb
[owner @{run}/user/@{uid}/speech-dispatcher/pid/speech-dispatcher.pid w,] path_diffs=/run,1000 operation=file_inherit comm=sd_espeak-ng-mb
[owner @{user_config_dirs}/pulse/cookie rk,]       path_diffs=/home/user/.config operation=file_lock,open comm=threaded-ml

  firefox▶speech-dispatcher▶dash
[/dev/null wc,]                                    operation=open comm=sh
[/etc/speech-dispatcher/modules/dtk-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/epos-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/espeak-mbrola-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/espeak-ng-mbrola-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/llia_phon-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/mary-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/mimic3-generic.conf r,] operation=file_inherit comm=sh
[/etc/speech-dispatcher/modules/swift-generic.conf r,] operation=file_inherit comm=sh
[@{bin}/dash r,]                                   path_diffs=/usr/bin operation=file_mmap comm=sh
[owner @{run}/user/@{uid}/speech-dispatcher/log/speech-dispatcher.log a,] path_diffs=/run,1000 operation=file_inherit comm=sh
[owner @{run}/user/@{uid}/speech-dispatcher/pid/speech-dispatcher.pid w,] path_diffs=/run,1000 operation=file_inherit comm=sh

from apparmor.d.

roddhjav avatar roddhjav commented on June 5, 2024

Thanks, should be fixed now.

from apparmor.d.

nobody43 avatar nobody43 commented on June 5, 2024

owner /tmp/@{rand6}.tmp rw, seems to be the only culprit. Probably a side effect from #275
But I cant reproduce speech-dispatcher call anymore!

from apparmor.d.

vam67423 avatar vam67423 commented on June 5, 2024

Thanks, should be fixed now.

Thank you.
May I ask how you found the issue? I could not locate anything in my logs about it

from apparmor.d.

roddhjav avatar roddhjav commented on June 5, 2024

owner /tmp/@{rand6}.tmp rw, seems to be the only culprit. Probably a side effect from #275
But I cant reproduce speech-dispatcher call anymore!

That is a side effect from #275. speech-dispatcher is not really an issue (it is explicitly denied in the firefox from apparmor-profiles-extra)

To work aa-log, requires either auditd or rsyslog to be installed and enabled.

from apparmor.d.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.