Control: user pkg-apparmor-t...@lists.alioth.debian.org Control: usertag help-needed
Hi! Michael Biebl: > This issue is still valid on an up-to-date sid system, so I'm reopening > this bug report. I cannot reproduce this. Christian Boltz pointed me to https://paste.debian.net/980153/ that shows Flatpak-related paths being denied: /var/lib/flatpak/exports/share/applications/mimeinfo.cache /var/lib/flatpak/exports/share/icons/hicolor/index.theme So I think the problem Michael is experiencing is caused by a more general one: our AppArmor policy currently does not support the case where Flatpak has added its exports directories to $XDG_DATA_DIRS *and* there actually is something installed in one of these exports directory, that an application (rightfully) tries to access. I'll start playing with Flatpak to reproduce this. A thread ("Should apparmor abstractions allow flatpak directories?") about this was started on the upstream mailing list in June/July after #865206 was reported in Debian. I'll prioritize this higher and will look into either a proper upstream/shared solution, and a quick fix in Debian if the former takes too much time. I'll reassign this bug report according to where I'll conclude the problem should be fixed. > Adding intrigeri into the loop here. Maybe he can help with this. Sure! I'm setting the relevant usertag. If you do this yourself next time, pkg-apparmor will get an email notification so it'll appear on our collective radar and not just on mine. Full documentation at https://wiki.debian.org/AppArmor/Reportbug#Usertags :) Cheers, -- intrigeri
