Should the optical-drive
plug allow access to read /proc/sys/dev/cdrom/info? I can’t see anything privileged in the information it provides. The access requested in my makemkv snap is only read and the file is read-only so there should be no requests for write access.
= AppArmor =
Time: Aug 28 20:53:50
Log: apparmor="DENIED" operation="open" profile="snap.makemkv.makemkvcon"
name="/proc/sys/dev/cdrom/info" pid=32610 comm="makemkvcon" requested_mask="r"
denied_mask="r" fsuid=1000 ouid=0
File: /proc/sys/dev/cdrom/info (read)
Suggestion:
* adjust program to not access '@{PROC}/sys/dev/cdrom/info'