/srv/irclogs.ubuntu.com/2015/11/21/#ubuntu-app-devel.txt

mcphailDoes anyone know why an .apparmor file containing http://termbin.com/eoc2 won't let me run "find /media/*/*/bg1 -maxdepth 0"? I'm getting Nov 21 13:09:11 ubuntu-phablet kernel: [117357.738918]type=1400 audit(1448111351.811:1191): apparmor="DENIED" operation="open" profile="bg1.njmcphail_bg1_0.10" name="/media/" pid=25663 comm="run.sh" requested_mask="r" denied_mask="r" fsuid=32011 ouid=013:26
mcphailThe docviewer app uses a similar trick to allow access to the sdcard13:28
popeymcphail, do you have the find binary in your click?13:43
mcphailpopey: need to find the path to the sdcard. It has a unique ID14:00
popeymcphail, my point was, is it failing because it can't run the /bin/find binary ?14:00
popey(I had to copy mkdir binary into my click package)14:00
mcphailpopey: using busybox find in the click14:00
popeyk14:01
mcphailCan't seem to get this to work without making it unconfined14:01
mcphailI presume the "read_path" stanza isn't just for content-hub?14:05
popeyno14:08
popeyits read/write directly14:08
popeyyou copied from docviewer?14:08
mcphailyes14:08
mcphailhttp://bazaar.launchpad.net/~ubuntu-docviewer-dev/ubuntu-docviewer-app/lo-viewer/view/head:/docviewer.apparmor14:08
mcphailthat has xonten_exchange as well, but I think I don't need that14:09
mcphailI've tried /media/*/*/bg1/ as well, but that doesn't work either14:09
* mcphail wonders if simply "/media/" might work...14:11
mcphailOK, that seems to work. But it is a bit *broad*. Would an app pass a manual review with such permissions?14:14
ok2cqrHi, I working on app that runs mysql server in embedded mode and saves the data to user's home directory. By default apparmor won't allow that. I have a scipt in post-install that does the modification but it seems direct changes of user.sbin.mysql is not good idea. Anybody know where I should paste the apparmor configuration changes, please?20:24
ok2cqrThe script is here: https://github.com/ok2cqr/cqrlog/blob/master/tools/cqrlog-apparmor-fix20:25
mcphailpopey: I've decided the BG app is probably ready enough to go up on the store. I'm sure it will attract lots of negative reviews due to the myriad of bugs, but I have broad shoulders. Do you know who I could ping for manual review for the sdcard access permissions?20:40

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!