From 9f2dda89cda21b620ba36e2c34d8792bb2c299db Mon Sep 17 00:00:00 2001 From: Vincas Dargis Date: Tue, 14 Aug 2018 21:34:59 +0300 Subject: [PATCH] apparmor: fix printing to file AppArmor denies writing to .ps files and dealing with temporaries needed for "Print to file" functionality. Add .ps to the allowed extensions list, also giving access to rm executable together with writing printing-related temporary file. Change-Id: I415e1401878bff6459f42162d4e8b517261b9cec Reviewed-on: https://gerrit.libreoffice.org/59114 Tested-by: Jenkins Reviewed-by: Rene Engelhard Gbp-Pq: Name apparmor-fixes.diff --- sysui/desktop/apparmor/program.soffice.bin | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sysui/desktop/apparmor/program.soffice.bin b/sysui/desktop/apparmor/program.soffice.bin index 1c3b0fa455c..50389691e78 100644 --- a/sysui/desktop/apparmor/program.soffice.bin +++ b/sysui/desktop/apparmor/program.soffice.bin @@ -37,6 +37,8 @@ @{libreoffice_ext} += {,x,X}[hH][tT][mM]{,l,L} #.epub @{libreoffice_ext} += [eE][pP][uU][bB] +#.ps (printing to file) +@{libreoffice_ext} += [pP][sS] #Images @{libreoffice_ext} += [jJ][pP][gG] @@ -113,6 +115,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin flags=(complain) { owner @{HOME}/.cache/fontconfig/** rw, owner @{HOME}/.config/gtk-???/bookmarks r, #Make bookmarks work owner @{HOME}/.recently-used rwk, + owner /tmp/psp[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]* rw, #/tmp/psp1534203998 (printing to file) owner /{,var/}run/user/*/dconf/user rw, owner @{HOME}/.config/dconf/user r, @@ -127,6 +130,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin flags=(complain) { /{usr/,}bin/sh rmix, /{usr/,}bin/bash rmix, /{usr/,}bin/dash rmix, + /{usr/,}bin/rm rmix, #deleting /tmp/psp1534203998 (printing to file) /usr/bin/bluetooth-sendto rmPUx, /usr/bin/lpr rmPUx, /usr/bin/paperconf rmix, -- 2.30.2