Объясните, плиз, че ему надо?!
Профиль:
#include <tunables/global>
/usr/bin/com.github.johnfactotum.Foliate {
#include <abstractions/audio>
#include <abstractions/dbus>
#include <abstractions/dbus-accessibility>
#include <abstractions/dbus-session>
#include <abstractions/dconf>
#include <abstractions/gnome>
#include <abstractions/nvidia>
#include <abstractions/private-files>
#include <abstractions/private-files-strict>
capability,
deny network inet,
deny network inet6,
network netlink raw,
/ rw,
/** rw,
/usr/{bin,sbin,lib}/** mrix,
owner / rwlk,
owner /** rwlk,
}
Лог:
May 7 11:35:00 desktop kernel: [ 129.503325] audit: type=1400 audit(1620376500.119:26): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="/usr/bin/com.github.johnfactotum.Foliate" name="" pid=1606 comm="bwrap" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 7 11:35:00 desktop kernel: [ 129.503510] audit: type=1400 audit(1620376500.119:27): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="/usr/bin/com.github.johnfactotum.Foliate" name="" pid=1606 comm="bwrap" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 7 11:35:00 desktop kernel: [ 129.503584] audit: type=1400 audit(1620376500.119:28): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="/usr/bin/com.github.johnfactotum.Foliate" name="" pid=1606 comm="bwrap" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 7 11:35:00 desktop kernel: [ 129.503651] audit: type=1400 audit(1620376500.119:29): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="/usr/bin/com.github.johnfactotum.Foliate" name="" pid=1606 comm="bwrap" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 7 11:35:00 desktop kernel: [ 129.503949] audit: type=1400 audit(1620376500.119:30): apparmor="DENIED" operation="open" info="Failed name lookup - disconnected path" error=-13 profile="/usr/bin/com.github.johnfactotum.Foliate" name="proc/1610/uid_map" pid=1610 comm="bwrap" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=1000