[Bug 1891338] Re: apparmor misconfigured for envice
You are right that there are two places this is defined: in
/etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration and in
/etc/apparmor.d/usr.bin.evince.
I'll adjust apparmor to fix ubuntu-integration to use the exo-open
abstraction.
There is an evince task though because we don't want it to use the
ubuntu-integration abstraction. Instead the exo-open stanza in the
usr.bin.evince should just include the exo-open abstraction. Ie, replace
this:
# For Xubuntu to launch the browser
/usr/bin/exo-open ixr,
/usr/lib/@{multiarch}/xfce4/exo-1/exo-helper-1 ixr,
/etc/xdg/xdg-xubuntu/xfce4/helpers.rc r,
/etc/xdg/xfce4/helpers.rc r,
with this:
# For Xubuntu to launch the browser
#include
** Also affects: evince (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu)
Status: New => In Progress
** Changed in: evince (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1891338
Title:
apparmor misconfigured for envice
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1891338/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1891338] Re: apparmor misconfigured for envice
/etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration:
/usr/lib/@{multiarch}/xfce4/exo-1/exo-helper-1 ixr,
/etc/apparmor.d/usr.bin.evince: /usr/lib/@{multiarch}/xfce4/exo-1/exo-
helper-1 ixr,
looks like those needs to be adapted to include the new exo revision?
** Package changed: evince (Ubuntu) => apparmor (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1891338
Title:
apparmor misconfigured for envice
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1891338/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1891338] Re: apparmor misconfigured for envice
from syslog: Aug 13 15:57:23 numenor dbus-daemon[1322]: [session uid=1000 pid=1322] Activating service name='org.gnome.evince.Daemon' requested by ':1.130' (uid=1000 pid=7816 comm="evince main.pdf " label="/usr/bin/evince (enforce)") Aug 13 15:57:23 numenor dbus-daemon[1322]: [session uid=1000 pid=1322] Successfully activated service 'org.gnome.evince.Daemon' Aug 13 15:57:42 numenor kernel: [20935.681193] audit: type=1400 audit(1597348662.582:58): apparmor="DENIED" operation="exec" profile="/usr/bin/evince" name="/usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2" pid=7841 comm="exo-open" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 I do not have a var/log/audit/audit.log -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1891338 Title: apparmor misconfigured for envice To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1891338/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1891338] Re: apparmor misconfigured for envice
Hello Kenneth, can you please include the DENIED lines from dmesg output, /var/log/syslog, or /var/log/audit/audit.log ? Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1891338 Title: apparmor misconfigured for envice To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1891338/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
