sdwdate and sdwdate-gui development thread

Patrick · December 22, 2019, 6:03pm

fix apparmor denied messages

committed 05:46PM - 22 Dec 19 UTC

AVC apparmor="DENIED" operation="open" profile="/usr/bin/sdwdate" name="/tmp/#52…5942" pid=5068 comm="sdwdate" requested_mask="wr" denied_mask="wr" fsuid=107 ouid=107 AVC apparmor="DENIED" operation="open" profile="/usr/bin/sdwdate" name="/var/tmp/#784853" pid=5068 comm="sdwdate" requested_mask="wr" denied_mask="wr" fsuid=107 ouid=107 AVC apparmor="DENIED" operation="open" profile="/usr/bin/sdwdate" name="/dev/shm/#161143" pid=5068 comm="sdwdate" requested_mask="wr" denied_mask="wr" fsuid=107 ouid=107 AVC apparmor="DENIED" operation="mknod" profile="/usr/bin/sdwdate" name="/dev/mqueue/ffiyJ5U2G" pid=5068 comm="sdwdate" requested_mask="c" denied_mask="c" fsuid=107 ouid=107 AVC apparmor="DENIED" operation="open" profile="/usr/bin/sdwdate" name="/proc/" pid=9051 comm="ps" requested_mask="r" denied_mask="r" fsuid=107 ouid=0 AVC apparmor="DENIED" operation="open" profile="/usr/bin/sdwdate" name="/proc/sys/kernel/osrelease" pid=8546 comm="ps" requested_mask="r" denied_mask="r" fsuid=107 ouid=0 AVC apparmor="DENIED" operation="open" profile="/usr/bin/sdwdate" name="/proc/8546/stat" pid=8546 comm="ps" requested_mask="r" denied_mask="r" fsuid=107 ouid=107 AVC apparmor="DENIED" operation="exec" profile="/usr/bin/sdwdate" name="/usr/bin/qubesdb-cmd" pid=8539 comm="te_pe_tb_check" requested_mask="x" denied_mask="x" fsuid=107 ouid=0

github.com/Kicksecure/sdwdate

fix apparmor issues

committed 10:58PM - 22 Dec 19 UTC

+11 -3

AVC apparmor="DENIED" operation="capable" profile="/usr/bin/sdwdate" pid=9965 co…mm="date" capability=25 capname="sys_time" audit: type=1400 audit(1577036830.547:907): apparmor="DENIED" operation="capable" profile="/usr/bin/sdwdate" pid=9965 comm="date" capability=25 capname="sys_time" AVC apparmor="DENIED" operation="mknod" profile="/usr/bin/sdwdate" name="/run/sdwdate/first_success" pid=10752 comm="sdwdate" requested_mask="c" denied_mask="c" fsuid=107 ouid=107 Traceback (most recent call last): File "/usr/bin/sdwdate", line 627, in <module> f = open(sdwdate.status_first_success_path, 'w') PermissionError: [Errno 13] Permission denied: '/run/sdwdate/first_success' AVC apparmor="DENIED" operation="exec" profile="/usr/bin/sdwdate" name="/usr/lib/sdwdate/sclockadj" pid=12012 comm="sh" requested_mask="x" denied_mask="x" fsuid=107 ouid=0