> 1. For applications that support it, having them use a portal to gain access. With the portal being allowed to delegate the selected file to the application. This is the transparent solution, where the user gets the file dialogue as usual but it is not under the applications control.
openvpn/networkmanager are not desktop applications. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2098930 Title: openvpn profile doesn't allow access to files on home dir Status in apparmor package in Ubuntu: Confirmed Status in gnome-control-center package in Ubuntu: Confirmed Bug description: my VPN keys & certs are stored in my HOME directory. The current apparmor update broke that. When I try to activate my VPN through NetworkManager, the journal says: Feb 20 07:48:57 paprika NetworkManager[3405]: <info> [1740034137.4372] vpn[0x58db282782d0,132c9eee-2134-4f7a-8326-58bde38036de,"canonical-uk"]: starting openvpn [snipped] Feb 20 07:48:57 paprika nm-openvpn[10793]: Cannot pre-load keyfile (/home/tom/Documents/vpn/ta.key) Feb 20 07:48:57 paprika nm-openvpn[10793]: Exiting due to fatal error [snipped] Feb 20 07:48:57 paprika kernel: audit: type=1400 audit(1740034137.454:789): apparmor="DENIED" operation="open" class="file" profile="openvpn" name="/home/tom/Documents/vpn/ta.key" pid=10793 comm="openvpn" requested_mask="r" denied_ma> So openvpn can no longer access /home/tom/Documents/canonical/vpn/canonical_ta.key . ProblemType: Bug DistroRelease: Ubuntu 25.04 Package: apparmor 4.1.0~beta5-0ubuntu2 ProcVersionSignature: Ubuntu 6.12.0-15.15-generic 6.12.11 Uname: Linux 6.12.0-15-generic x86_64 NonfreeKernelModules: zfs ApportVersion: 2.31.0-0ubuntu5 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Thu Feb 20 08:57:57 2025 InstallationDate: Installed on 2024-07-18 (217 days ago) InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Release amd64 (20240424) ProcEnviron: LANG=en_US.UTF-8 PATH=(custom, no user) SHELL=/usr/bin/zsh TERM=xterm-256color XDG_RUNTIME_DIR=<set> ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-6.12.0-15-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro quiet splash vt.handoff=7 SourcePackage: apparmor UpgradeStatus: Upgraded to plucky on 2024-12-20 (62 days ago) modified.conffile..etc.apparmor.d.element-desktop: [modified] mtime.conffile..etc.apparmor.d.element-desktop: 2025-02-11T18:32:02.077059 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2098930/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
