** Changed in: webbrowser-app (Ubuntu) Importance: Critical => Undecided
** Description changed: - This is bug #1342129, but for qtwebkit. This bug seems to completely - break webapps specifying the 13.10 framework (ie, 1.0 apparmor policy). + This is bug #1342129, but for qtwebkit. Test case: 1. install r193 (or later) in the emulator 2. install Pixel Runner from the store 3. Open Pixel Runner The app starts but with a blank screen. The following apparmor denial can be observed: Aug 15 13:17:04 ubuntu-phablet dbus[1575]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="RequestName" mask="send" name="org.freedesktop.DBus" pid=3292 profile="com.ubuntu.developer.ogra.pixel-runner_pixel-runner_0.1" peer_profile="unconfined" As it happens, we can add a rule for this that is safe: dbus (send) bus=session interface=org.freedesktop.DBus path=/org/freedesktop/DBus member=RequestName, However, after adding the above rule to /var/lib/apparmor/profiles/*pixel*, running 'sudo apparmor_parser -r /var/lib/apparmor/profiles/*pixel*', and starting the app, we get a new denial: Aug 15 13:18:47 ubuntu-phablet dbus[1575]: apparmor="DENIED" operation="dbus_bind" bus="session" name="org.freedesktop.Application" mask="bind" pid=3774 profile="com.ubuntu.developer.ogra.pixel-runner_pixel-runner_0.1" This denial is the same as in bug #1342129 and we can't safely add policy for it (see other bug for reasons why). Not sure if this is in webbrowser-app or qtwebkit, please reassign as necessary. ** Summary changed: - qtwebkit-based webapps no longer working + qtwebkit-based webapps denial for RequestName and bind on org.freedesktop.Application ** Description changed: This is bug #1342129, but for qtwebkit. Test case: 1. install r193 (or later) in the emulator 2. install Pixel Runner from the store 3. Open Pixel Runner The app starts but with a blank screen. The following apparmor denial can be observed: Aug 15 13:17:04 ubuntu-phablet dbus[1575]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="RequestName" mask="send" name="org.freedesktop.DBus" pid=3292 profile="com.ubuntu.developer.ogra.pixel-runner_pixel-runner_0.1" peer_profile="unconfined" As it happens, we can add a rule for this that is safe: dbus (send) bus=session interface=org.freedesktop.DBus path=/org/freedesktop/DBus member=RequestName, However, after adding the above rule to /var/lib/apparmor/profiles/*pixel*, running 'sudo apparmor_parser -r /var/lib/apparmor/profiles/*pixel*', and starting the app, we get a new denial: Aug 15 13:18:47 ubuntu-phablet dbus[1575]: apparmor="DENIED" operation="dbus_bind" bus="session" name="org.freedesktop.Application" mask="bind" pid=3774 profile="com.ubuntu.developer.ogra.pixel-runner_pixel-runner_0.1" + If add add the following rule (which is not safe), there are no more denials: + dbus (bind) + bus=session + name=org.freedesktop.Application, + This denial is the same as in bug #1342129 and we can't safely add policy for it (see other bug for reasons why). Not sure if this is in webbrowser-app or qtwebkit, please reassign as necessary. ** Description changed: - This is bug #1342129, but for qtwebkit. + This is bug #1342129, but for qtwebkit. This bug doesn't appear to + affect the general functionality of the webapp. Test case: 1. install r193 (or later) in the emulator 2. install Pixel Runner from the store 3. Open Pixel Runner The app starts but with a blank screen. The following apparmor denial can be observed: Aug 15 13:17:04 ubuntu-phablet dbus[1575]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="RequestName" mask="send" name="org.freedesktop.DBus" pid=3292 profile="com.ubuntu.developer.ogra.pixel-runner_pixel-runner_0.1" peer_profile="unconfined" As it happens, we can add a rule for this that is safe: dbus (send) bus=session interface=org.freedesktop.DBus path=/org/freedesktop/DBus member=RequestName, However, after adding the above rule to /var/lib/apparmor/profiles/*pixel*, running 'sudo apparmor_parser -r /var/lib/apparmor/profiles/*pixel*', and starting the app, we get a new denial: Aug 15 13:18:47 ubuntu-phablet dbus[1575]: apparmor="DENIED" operation="dbus_bind" bus="session" name="org.freedesktop.Application" mask="bind" pid=3774 profile="com.ubuntu.developer.ogra.pixel-runner_pixel-runner_0.1" If add add the following rule (which is not safe), there are no more denials: dbus (bind) - bus=session - name=org.freedesktop.Application, + bus=session + name=org.freedesktop.Application, This denial is the same as in bug #1342129 and we can't safely add policy for it (see other bug for reasons why). Not sure if this is in webbrowser-app or qtwebkit, please reassign as necessary. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1357371 Title: qtwebkit-based webapps denial for RequestName and bind on org.freedesktop.Application To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/webbrowser-app/+bug/1357371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
