[apparmor] Rule to allow chmod-operations (or reduce dmesg suppression)
Jonas Große Sundrup
jgs-apparmor at letopolis.de
Tue Mar 30 21:41:46 UTC 2021
On 2021-03-30, Christian Boltz wrote:
> However, you carefully avoided the correct path ;-) - you'll need
> /var/cache/fontconfig/ w,
FML, that slipped my mind. Thanks for the pointer!
In case anyone's interested what happened:
Apparently, the first Electron-App to start after something more than a
text console is available, needs read access to
/sys/devices/pcisomething/probably_graphics to load the graphics
driver. Not sure to where, modprobed it already is.
Not yet sure what's the cleanest solution here, but it's
sufficient a solution for now for my purposes to just give that access.
It works without that permission if I aa-teardown first, then start any
Electron-App, close that app again, reload all AppArmor-rules and then
I can happily start all other electron apps (probably because then
something is loaded in X or so, then again, other X-Apps work fine,
it's only electron… But yeah, if anyone's interested in the
turnout/solution.
~ Jonas
More information about the AppArmor
mailing list