Hi,
Am 08.02.25 um 10:26 schrieb Sam Pinkus:
Thanks for the prompt Reply Rene.
On 2/8/25 00:30, Rene Engelhard wrote:
Am 07.02.25 um 07:22 schrieb Sam Pinkus:
[27118.177316] audit: type=1400 audit(1738906497.646:1573): apparmor="ALLOWED" operation="open"
profile="libreoffice-soffice" name="/home/sam/.thunderbird/vk9x5555.default/key4.db" pid=45330 comm="soffice.bin"
requested_mask="wrc" denied_mask="wrc" fsuid=1000 ouid=1000
[27118.177373] audit: type=1400 audit(1738906497.646:1574): apparmor="ALLOWED" operation="file_lock"
profile="libreoffice-soffice" name="/home/sam/.thunderbird/vk9x5555.default/key4.db" pid=45330 comm="soffice.bin"
requested_mask="k" denied_mask="k" fsuid=1000 ouid=1000
(Looking up certificates for signing. Usually firefox, but..)
Oh OK. I can see a related setting there in the UI now. I guess it's initial probing to set guess at a default certificate path.
Yes.
It would be great if it didn't do this by default, because I got this without going anywhere near any libreoffice signing settings.
Maybe, i am not going to change it though :)
Also note there is no apparmor rule about the key9.db, even for firefox.
Yes, indeed.
(Then again those profiles are not really maintained unfortunately - this is
also one of the reasons they are in complain mode..)
Regards,
Rene
