I'm trying to build an Apparmor profile, and I am a newbie at this(you are warned), while apparmor_parser accepts the profile it doesn't seem to implement it properly since I'm getting all kinds of rejects and denials in audit for stuff I know I've allowed, here is the profile(it's incomplete):-
Code:
#include <tunables/global>
/usr/lib/firefox-3.0/firefox.sh flags=(complain) {
#include <abstractions/base>
#include <abstractions/gnome>
#allow access to all networking network
/bin/dash ix,
/usr/lib/firefox-3.0/firefox.sh mr,
/usr/lib/gnash/* rux,
/usr/lib/firefox-3.0/** rw,
/home/un/Downloads/** rw,
/home/un/.mozilla/** rwk,
/usr/share/icons/** r,
/tmp/** rw,
/usr/lib/xulrunner-1.9/** rw,
}
Thanks in advance.
Bookmarks