On Thu, 5 Apr 2018 09:47:52 -0300 Agustin Henze <t...@debian.org> wrote: > Package: thunderbird > Version: 1:52.7.0-1 > Severity: normal > > Dear maintainer, from time to time I was finding a gpg process consuming the > 100% of one cpu. A Debian fellow mentioned me that maybe AppArmor could be the > cause, so I dug into it a little bit and found that AppArmor is denying the > access to gpg to the file ~/.gnupg/tofu.db. > > apparmor="DENIED" operation="file_lock" profile="thunderbird//gpg" > name="/home/tin/.gnupg/tofu.db" pid=4245 comm="gpg" requested_mask="k" > denied_mask="k" fsuid=1000 ouid=1000 > > I have added the following line into /etc/apparmor.d/usr.bin.thunderbird and > it > worked ok:
@@ -248,6 +248,7 @@
owner @{HOME}/.gnupg/trustdb.gpg rw,
owner @{HOME}/.gnupg/S.gpg-agent rw,
owner @{HOME}/.gnupg/S.dirmngr rw,
+ owner @{HOME}/.gnupg/tofu.db rwl,
owner @{HOME}/.gnupg/*.{gpg,kbx}.{lock,tmp} rwl,
owner @{HOME}/.gnupg/.gpg-*.lock rwl,
owner @{HOME}/.gnupg/gnupg_spawn_*.lock rwl,
Update "the patch", allow file locking is mandatory
Cheers,
--
TiN
signature.asc
Description: OpenPGP digital signature
