ubuntu-phone team mailing list archive
-
ubuntu-phone team
-
Mailing list archive
-
Message #12271
Re: opening files imported through content-hub
On Sat, 2015-04-18 at 22:59 +0300, Alberto Mardegan wrote:
> On 04/18/2015 12:11 AM, Darren Smith wrote:
> [...]
> > I then try to open the file using quazip but get denied by apparmor:
> >
> > Apr 17 21:56:31 ubuntu-phablet kernel: [226697.166126]type=1400
> > audit(1429304191
> > .476:898): apparmor="DENIED" operation="open"
> > profile="<username>_<appname>_0.1" nam
> > e="/home/phablet/.cache/<appname>.<username>/HubIncoming/<number>/example.zip"
> > pid=234
> > 01 comm="qmlscene" requested_mask="r" denied_mask="r" fsuid=32011
> > ouid=32011
> >
> > Any ideas what I'm doing wrong?
>
> I hope I'm not putting you off track, but I believe that the problem is
> that the file is under
>
> ~/.cache/<appname>.<username>/
>
> while your app should have access to
>
> ~/.cache/<username>/
>
> only. That is, an app whose security label is <package>_<app>_<version>
> has access to ~/.cache/<package>/ .
I think that you're correct it is a path issue, but what changed is the
default for package names. Now the store is defaulting package names to
"<appname>.<username>", so if you have the default layout, you end up
with an AppID like this:
$(appname).$(username)_$(appname)_$(version)
Now, to be clear, that's a store thing in that the rest of the system
sees that as a package. And it still won't always be that format for
things like collections. For example a package of card games that shares
common assets. They'd probably be something like:
cardgames.developer_rummy_1.2.3. Also, as we get groups for developer
uploads username will probably be, for most projects, a group name.
The result is that all of the directories that are setup $(package) but
for many people they'll think of them as "$(appname).$(username)" as
that's what they'll recognize the strings as.
Ted
References