This bug report is about the custom profile shipped by Ubuntu in their apparmor-profiles package (and nowhere else AFAIK), not about the apparmor-profiles project (yeah, it's confusing, I know).
** Project changed: apparmor-profiles => apparmor (Ubuntu) -- You received this bug notification because you are a member of AppArmor Developers, which is subscribed to AppArmor Profiles. https://bugs.launchpad.net/bugs/1101298 Title: More resources must be added into Chromium profile Status in apparmor package in Ubuntu: New Bug description: When I install apparmor-profiles package and set Chromium AppArmor profile to enforce mode, Chromium cannot detect the default browser and claims that it is not the default browser even though I set so. And I see this line in dmesg: ... type=1400 audit(1358526376.204:84): apparmor="DENIED" operation="exec" parent=6216 profile="/usr/lib/chromium-browser /chromium-browser//xdgsettings" name="/usr/bin/gawk" pid=6220 comm ="xdg-mime" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 Now, there is only /usr/bin/mawk line in Chromium apparmor profile but users may use a different implementation thanks to the alternatives system. In addition, my dmesg is flooded by these lines: ... type=1400 audit(1358527121.548:197): apparmor="DENIED" operation="open" parent=6072 profile="/usr/lib/chromium-browser /chromium-browser" name="/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq" pid=8984 comm="chromium-browse" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 It would be nice to see "/sys/devices/system/**/cpufreq/cpuinfo_max_freq r," added to the profile. My patch regarding the issue is attached. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1101298/+subscriptions -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
