[Desktop-packages] [Bug 1961508] Re: Dock displaying over window after resuming from blank screen
The workaround from #71 worked almost perfectly out of the box, I've only seen 1-2 windows staying under the dock. I probably simply need bump the delay a bit from the default value. Thanks a lot @popov895. @ballogy, thanks for working on this with upstream! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell-extension-ubuntu-dock in Ubuntu. https://bugs.launchpad.net/bugs/1961508 Title: Dock displaying over window after resuming from blank screen Status in Dash to dock: Unknown Status in Mutter: New Status in gnome-shell package in Ubuntu: Confirmed Status in gnome-shell-extension-ubuntu-dock package in Ubuntu: Won't Fix Status in mutter package in Ubuntu: In Progress Status in gnome-desktop package in Fedora: Confirmed Bug description: I have Blank Screen set to happen after 2 minutes of inactivity. When resuming from a Blank Screen (by moving the mouse or touching the keyboard), the Dock is displayed over the top of the current program. To get it back to normal I need to click "Restore Down" on the current programs window and then "Maximize" so that the Dock no longer overlaps it. (Note: I have Auto-hide dock turned off.) This only happens sometimes. I can't reproduce the bug it every time. - 1) The release of Ubuntu you are using, via 'lsb_release -rd' or System -> About Ubuntu - Ubuntu 21.10 2) The version of the package you are using, via 'apt-cache policy pkgname' or by checking in Software Center - Not sure (I guess the Dock is part of the Gnome interface?) 3) What you expected to happen - Dock should not overlap the current program on resume from screen blank. 4) What happened instead - The Dock overlaps the current program on resume from screen blank. --- ProblemType: Bug ApportVersion: 2.20.11-0ubuntu71 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME DisplayManager: gdm3 DistroRelease: Ubuntu 21.10 InstallationDate: Installed on 2022-02-18 (24 days ago) InstallationMedia: Ubuntu 21.10 "Impish Indri" - Release amd64 (20211012) Package: gnome-shell-extension-ubuntu-dock PackageArchitecture: amd64 ProcVersionSignature: Ubuntu 5.13.0-35.40-generic 5.13.19 RelatedPackageVersions: mutter-common 40.5-1ubuntu3~21.10.1 Tags: wayland-session impish Uname: Linux 5.13.0-35-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo _MarkForUpload: True --- ProblemType: Bug ApportVersion: 2.23.1-0ubuntu3 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME DisplayManager: gdm3 DistroRelease: Ubuntu 22.10 InstallationDate: Installed on 2022-02-18 (328 days ago) InstallationMedia: Ubuntu 21.10 "Impish Indri" - Release amd64 (20211012) Package: mutter PackageArchitecture: amd64 ProcVersionSignature: Ubuntu 5.19.0-28.29-generic 5.19.17 RebootRequiredPkgs: Error: path contained symlinks. RelatedPackageVersions: mutter-common 43.0-1ubuntu4 Tags: wayland-session third-party-packages kinetic Uname: Linux 5.19.0-28-generic x86_64 UpgradeStatus: Upgraded to kinetic on 2022-10-25 (79 days ago) UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo _MarkForUpload: True To manage notifications about this bug go to: https://bugs.launchpad.net/dash-to-dock/+bug/1961508/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2051572] Re: Always preseed core and snapd snap in server seed
FYI, snapd is a "base-less" snap: $ lxc launch ubuntu-minimal-daily:22.04 c1 $ lxc shell c1 root@c1:~# snap list No snaps are installed yet. Try 'snap install hello-world'. root@c1:~# snap install snapd 2024-02-15T21:17:09Z INFO Waiting for automatic snapd restart... snapd 2.61.1 from Canonical✓ installed root@c1:~# snap list Name Version RevTracking Publisher Notes snapd 2.61.1 20671 latest/stable canonical✓ snapd This is also visible by not having any `base:` while LXD currently uses core22: root@c1:~# snap info --verbose snapd | grep base: root@c1:~# snap info --verbose lxd | grep base: base:core22 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/2051572 Title: Always preseed core and snapd snap in server seed Status in ubuntu-meta package in Ubuntu: New Status in ubuntu-meta source package in Noble: New Bug description: In removing the LXD snap from preseeding in the server seed for Ubuntu 24.04 as part LP #2051346 [1] we also removed the snapd snap and the core22 snap. This means that are subsequent snap install, like LXD, will take much longer than expected for a non minimized image. Time taken to install LXD snap using the lxd-installer package without snapd and core22 preinstalled/seeded ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m29.107s user 0m0.006s sys 0m0.005s ``` Time taken to install LXD snap using the lxd-installer package with snapd and core22 already installed. ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m15.034s user 0m0.005s sys 0m0.005s ``` This is a significant difference and for a workload we intend to remain as a core tested and tracked workload. As such I propose we re- introduce core22 and snapd snaps to our seed. LXD do intend to move to the core24 snap as their base as I'm sure snapd does too so when that does happen we need to update the preseeded core snap. This bug is to track the work of making that change in the server seed @ https://git.launchpad.net/~ubuntu-core-dev/ubuntu- seeds/+git/ubuntu/tree/server#n69 [1] https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2051346 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2051572/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2051572] Re: Always preseed core and snapd snap in server seed
** Description changed: In removing the LXD snap from preseeding in the server seed for Ubuntu - 24.04 as part LP #2051346 [1] we also removed the snaps snap and the + 24.04 as part LP #2051346 [1] we also removed the snapd snap and the core22 snap. This means that are subsequent snap install, like LXD, will take much longer than expected for a non minimized image. - - Time taken to install LXD snap using the lxd-installer package without snapd and core22 preinstalled/seeded + Time taken to install LXD snap using the lxd-installer package without + snapd and core22 preinstalled/seeded ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m29.107s user 0m0.006s sys 0m0.005s ``` - - Time taken to install LXD snap using the lxd-installer package with snapd and core22 already installed. + Time taken to install LXD snap using the lxd-installer package with + snapd and core22 already installed. ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m15.034s user 0m0.005s sys 0m0.005s ``` This is a significant difference and for a workload we intend to remain as a core tested and tracked workload. As such I propose we re-introduce core22 and snaps snaps to our seed. LXD do intend to move to the core24 snap as their base as I'm sure snapd does too so when that does happen we need to update the preseeded core snap. This bug is to track the work of making that change in the server seed @ https://git.launchpad.net/~ubuntu-core-dev/ubuntu- seeds/+git/ubuntu/tree/server#n69 - [1] https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2051346 ** Description changed: In removing the LXD snap from preseeding in the server seed for Ubuntu 24.04 as part LP #2051346 [1] we also removed the snapd snap and the core22 snap. This means that are subsequent snap install, like LXD, will take much longer than expected for a non minimized image. Time taken to install LXD snap using the lxd-installer package without snapd and core22 preinstalled/seeded ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m29.107s user 0m0.006s sys 0m0.005s ``` Time taken to install LXD snap using the lxd-installer package with snapd and core22 already installed. ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m15.034s user 0m0.005s sys 0m0.005s ``` This is a significant difference and for a workload we intend to remain as a core tested and tracked workload. As such I propose we re-introduce - core22 and snaps snaps to our seed. + core22 and snapd snaps to our seed. LXD do intend to move to the core24 snap as their base as I'm sure snapd does too so when that does happen we need to update the preseeded core snap. This bug is to track the work of making that change in the server seed @ https://git.launchpad.net/~ubuntu-core-dev/ubuntu- seeds/+git/ubuntu/tree/server#n69 [1] https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2051346 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/2051572 Title: Always preseed core and snapd snap in server seed Status in ubuntu-meta package in Ubuntu: New Status in ubuntu-meta source package in Noble: New Bug description: In removing the LXD snap from preseeding in the server seed for Ubuntu 24.04 as part LP #2051346 [1] we also removed the snapd snap and the core22 snap. This means that are subsequent snap install, like LXD, will take much longer than expected for a non minimized image. Time taken to install LXD snap using the lxd-installer package without snapd and core22 preinstalled/seeded ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m29.107s user 0m0.006s sys 0m0.005s ``` Time taken to install LXD snap using the lxd-installer package with snapd and core22 already installed. ``` ubuntu@cloudimg:~$ time sudo lxd --version Installing LXD snap, please be patient. 5.19 real 0m15.034s user 0m0.005s sys 0m0.005s ``` This is a significant difference and for a workload we intend to remain as a core tested and tracked workload. As such I propose we re- introduce core22 and snapd snaps to our seed. LXD do intend to move to the core24 snap as their base as I'm sure snapd does too so when that does happen we need to update the preseeded core snap. This bug is to track the work of making that change in the server seed @ https://git.launchpad.net/~ubuntu-core-dev/ubuntu- seeds/+git/ubuntu/tree/server#n69 [1]
[Desktop-packages] [Bug 2010561] Re: The Netplan Everywhere NetworkManager fails to supply Netplan with networking information until a connection is deleted and re-created
@slyon I saw that https://git.launchpad.net/network- manager/commit/?h=netplan/lunar- gu=900b2e15bce37363b263a224e60674f804114693 requires the `file` package to be available. Some systems don't have installed, albeit probably not common on desktops but I though I'd mention just in case. That same commit also seem to have a bogus error handling if `nm-online -qs` fails: ``` nm-online -qs || (echo "SKIP: NetworkManager is not ready ..." 1>&2 && continue) ``` The `continue` will be run in the `()` subshell. I think this could be fixed by using `{}` instead. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/2010561 Title: The Netplan Everywhere NetworkManager fails to supply Netplan with networking information until a connection is deleted and re-created Status in netplan: Invalid Status in network-manager package in Ubuntu: Fix Released Bug description: Steps to reproduce: 1. Install Ubuntu Lunar or a flavor thereof onto physical hardware with a WiFi adapter. (I used Lubuntu Lunar.) 2. Connect to WiFi and install all updates. 3. Enable the Netplan Everywhere PPA and install the updated NetworkManager from it (further details at https://discourse.ubuntu.com/t/call-for-testing-networkmanager-yaml-settings/32420?u=arraybolt3) 4. When the installation finishes, run "sudo netplan get". Expected result: Networking information related to the WiFi connection should appear in the "sudo netplan get" output. Actual result: "sudo netplan get" returns the following: ** (process:4088): WARNING **: 12:41:41.394; Permissions for /etc/netplan/01-network-manager-all.yaml are too open. Netplan configuration should NOT be accessible by others. network: version: 2 renderer: NetworkManager End of output. Additionally, the /etc/netplan folder does not contain files that I would expect to be there that would contain the networking info. Additional information: If I disconnect from WiFi, then delete my WiFi connection entirely in nmtui, and *then* reconnect to the same WiFi network, "sudo netplan get" returns the expected networking information. /etc/netplan is also properly populated after doing this. This bug seems like it will probably cause unintended behavior after an upgrade from 23.04 (which uses normal NetworkManager) to 23.10 (which is supposed to be using the Netplan Everywhere NetworkManager). People probably won't know to entirely delete the WiFi and other connections and then reconnect them in order for the netplan output to be usable. To manage notifications about this bug go to: https://bugs.launchpad.net/netplan/+bug/2010561/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2017011] [NEW] [snap] unable to read /proc/pressure/{cpu, io, memory}
Public bug reported: During normal operation, chromium wants to read /proc/pressure/{cpu,io,memory} but is denied by the Apparmor policy: $ journalctl -b0 -k --grep 'chromium.chromium' | grep -F 'name="/proc/pressure/' Apr 19 10:40:27 sdeziel-lemur kernel: audit: type=1400 audit(1681915227.726:817): apparmor="DENIED" operation="open" class="file" profile="snap.chromium.chromium" name="/proc/pressure/cpu" pid=395005 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Apr 19 10:40:27 sdeziel-lemur kernel: audit: type=1400 audit(1681915227.726:818): apparmor="DENIED" operation="open" class="file" profile="snap.chromium.chromium" name="/proc/pressure/io" pid=395005 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Apr 19 10:40:27 sdeziel-lemur kernel: audit: type=1400 audit(1681915227.726:819): apparmor="DENIED" operation="open" class="file" profile="snap.chromium.chromium" name="/proc/pressure/memory" pid=395005 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Note that simply starting the browser doesn't prompt it try and read those files, you need to do something more involving like watching Youtube for example. Additional information: $ snap list chromium core20 Name VersionRev Tracking Publisher Notes chromium 112.0.5615.49 2424 latest/stable canonical✓ - core2020230308 1852 latest/stable canonical✓ base $ lsb_release -rd Description:Ubuntu 22.04.2 LTS Release:22.04 $ uname -a Linux sdeziel-lemur 5.19.0-40-generic #41~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 31 16:00:14 UTC 2 x86_64 x86_64 x86_64 GNU/Linux ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2017011 Title: [snap] unable to read /proc/pressure/{cpu,io,memory} Status in chromium-browser package in Ubuntu: New Bug description: During normal operation, chromium wants to read /proc/pressure/{cpu,io,memory} but is denied by the Apparmor policy: $ journalctl -b0 -k --grep 'chromium.chromium' | grep -F 'name="/proc/pressure/' Apr 19 10:40:27 sdeziel-lemur kernel: audit: type=1400 audit(1681915227.726:817): apparmor="DENIED" operation="open" class="file" profile="snap.chromium.chromium" name="/proc/pressure/cpu" pid=395005 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Apr 19 10:40:27 sdeziel-lemur kernel: audit: type=1400 audit(1681915227.726:818): apparmor="DENIED" operation="open" class="file" profile="snap.chromium.chromium" name="/proc/pressure/io" pid=395005 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Apr 19 10:40:27 sdeziel-lemur kernel: audit: type=1400 audit(1681915227.726:819): apparmor="DENIED" operation="open" class="file" profile="snap.chromium.chromium" name="/proc/pressure/memory" pid=395005 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Note that simply starting the browser doesn't prompt it try and read those files, you need to do something more involving like watching Youtube for example. Additional information: $ snap list chromium core20 Name VersionRev Tracking Publisher Notes chromium 112.0.5615.49 2424 latest/stable canonical✓ - core2020230308 1852 latest/stable canonical✓ base $ lsb_release -rd Description: Ubuntu 22.04.2 LTS Release: 22.04 $ uname -a Linux sdeziel-lemur 5.19.0-40-generic #41~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 31 16:00:14 UTC 2 x86_64 x86_64 x86_64 GNU/Linux To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2017011/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2000175] [NEW] [snap] latest/candidate/hwacc channel cause lots of Apparmor noise
Public bug reported: # Issue description After installing chromium with hwacc (snap refresh chromium --channel latest/candidate/hwacc) I notice a lot of those new messages in dmesg: Dec 20 13:38:13 sdeziel-lemur kernel: audit: type=1400 audit(1671561493.126:3297): apparmor="DENIED" operation="mknod" profile="snap.chromium.chromium" name="/etc/igfx_user_feature.txt" pid=515408 comm="chrome" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Dec 20 13:38:13 sdeziel-lemur kernel: audit: type=1400 audit(1671561493.126:3298): apparmor="DENIED" operation="mknod" profile="snap.chromium.chromium" name="/etc/igfx_user_feature_next.txt" pid=515408 comm="chrome" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Those 2 files do not exist in the host's filesystem: $ ls /etc/igfx_user_feature.txt /etc/igfx_user_feature_next.txt ls: cannot access '/etc/igfx_user_feature.txt': No such file or directory ls: cannot access '/etc/igfx_user_feature_next.txt': No such file or directory # Additional information $ uname -a Linux sdeziel-lemur 5.15.0-56-generic #62-Ubuntu SMP Tue Nov 22 19:54:14 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description:Ubuntu 22.04.1 LTS Release:22.04 $ snap list chromium core20 snapd Name Version RevTrackingPublisher Notes chromium 107.0.5304.121-hwacc 2224 latest/candidate/… canonical✓ - core2020221123 1738 latest/stable canonical✓ base snapd 2.57.617883 latest/stable canonical✓ snapd ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2000175 Title: [snap] latest/candidate/hwacc channel cause lots of Apparmor noise Status in chromium-browser package in Ubuntu: New Bug description: # Issue description After installing chromium with hwacc (snap refresh chromium --channel latest/candidate/hwacc) I notice a lot of those new messages in dmesg: Dec 20 13:38:13 sdeziel-lemur kernel: audit: type=1400 audit(1671561493.126:3297): apparmor="DENIED" operation="mknod" profile="snap.chromium.chromium" name="/etc/igfx_user_feature.txt" pid=515408 comm="chrome" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Dec 20 13:38:13 sdeziel-lemur kernel: audit: type=1400 audit(1671561493.126:3298): apparmor="DENIED" operation="mknod" profile="snap.chromium.chromium" name="/etc/igfx_user_feature_next.txt" pid=515408 comm="chrome" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Those 2 files do not exist in the host's filesystem: $ ls /etc/igfx_user_feature.txt /etc/igfx_user_feature_next.txt ls: cannot access '/etc/igfx_user_feature.txt': No such file or directory ls: cannot access '/etc/igfx_user_feature_next.txt': No such file or directory # Additional information $ uname -a Linux sdeziel-lemur 5.15.0-56-generic #62-Ubuntu SMP Tue Nov 22 19:54:14 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 22.04.1 LTS Release: 22.04 $ snap list chromium core20 snapd Name Version RevTrackingPublisher Notes chromium 107.0.5304.121-hwacc 2224 latest/candidate/… canonical✓ - core2020221123 1738 latest/stable canonical✓ base snapd 2.57.617883 latest/stable canonical✓ snapd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2000175/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1993562] Re: [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, bios_version, board_name and board_vendor
Thanks for the test build Nathan, it works as I no longer see those denials with the provided snap (chromium 107.0.5304.62). Thanks again! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1993562 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, bios_version, board_name and board_vendor Status in chromium-browser package in Ubuntu: Fix Committed Bug description: When starting chromium's snap, those messages are logged: $ journalctl -o cat -k --grep 'apparmor="DENIED"' | grep -F snap.chromium.chromium audit: type=1400 audit(1666201583.608:610): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_vendor" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666201583.608:611): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_name" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666201583.608:612): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_vendor" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666201583.608:613): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_version" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Chromium behaves OK but generates log pollution. Additional info: $ snap list chromium snapd Name Version RevTracking Publisher Notes chromium 106.0.5249.119 2136 latest/stable canonical✓ - snapd 2.57.4 17336 latest/stable canonical✓ snapd $ uname -rm 5.15.0-52-generic x86_64 $ lsb_release -rd Description: Ubuntu 22.04.1 LTS Release: 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1993562/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1818987] Re: broken symlink to changelog.Debian.gz in chromium-browser
I just checked 105.0.5195.102-0ubuntu0.18.04.1 and the changelog.Debian.gz is a file so marking as fix released. ** Changed in: chromium-browser (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1818987 Title: broken symlink to changelog.Debian.gz in chromium-browser Status in chromium-browser package in Ubuntu: Fix Released Bug description: Related to https://bugs.launchpad.net/ubuntu/+source/cdbs/+bug/194574, which has to do with saving space, for some reason, the chromium- browser has its changelog symlinked to an optional package. Version: 72.0.3626.119-0ubuntu0.18 Right now, I have chromium-codecs-ffmpeg installed, but the changelog links to documentation in chromium-codecs-ffmpeg-extra. ``` $ dpkg -L chromium-browser | grep changelog.Debian /usr/share/doc/chromium-browser/changelog.Debian.gz $ dpkg -l | grep chromium- ii chromium-browser 72.0.3626.119-0ubuntu0.18.04.1 amd64 Chromium web browser, open-source version of Chrome ii chromium-codecs-ffmpeg 72.0.3626.119-0ubuntu0.18.04.1 amd64 Free ffmpeg codecs for the Chromium Browser $ ls -l /usr/share/doc/chromium-browser/changelog.Debian.gz lrwxrwxrwx 1 root root 51 feb 25 15:56 /usr/share/doc/chromium-browser/changelog.Debian.gz -> ../chromium-codecs-ffmpeg-extra/changelog.Debian.gz $ ls -l ../chromium-codecs-ffmpeg-extra/changelog.Debian.gz ls: cannot access '../chromium-codecs-ffmpeg-extra/changelog.Debian.gz': No such file or directory ``` I don't think saving 2k warrants breaking sane access to the changelog: ``` $ ls -l /usr/share/doc/chromium-browser/ total 1108 lrwxrwxrwx 1 root root 51 feb 25 15:56 changelog.Debian.gz -> ../chromium-codecs-ffmpeg-extra/changelog.Debian.gz -rw-r--r-- 1 root root 1126239 okt 25 2017 copyright -rw-r--r-- 1 root root 2512 okt 25 2017 copyright.problems.gz -rw-r--r-- 1 root root 2975 okt 25 2017 README.source $ ls -l /usr/share/doc/chromium-codecs-ffmpeg/ total 1104 -rw-r--r-- 1 root root 2263 feb 25 15:56 changelog.Debian.gz -rw-r--r-- 1 root root 1126239 okt 25 2017 copyright ``` That copyright file takes up actual space but is not symlinked, :thinking_face: ``` $ md5sum /usr/share/doc/chromium-{browser,codecs-ffmpeg}/copyright 983091d3a4c4e207f2146a911a7f7387 /usr/share/doc/chromium-browser/copyright 983091d3a4c4e207f2146a911a7f7387 /usr/share/doc/chromium-codecs-ffmpeg/copyright ``` If anything, I would guess that the symlink should be the other way around: - chromium-codecs-ffmpeg/changelog.Debian.gz symlinked to ../chromium-browser/changelog.Debian.gz - chromium-codecs-ffmpeg-extra/changelog.Debian.gz symlinked to ../chromium-browser/changelog.Debian.gz (And optionally that copyright file as well.) Cheers, Walter Doekes OSSO B.V. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1818987/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1993562] Re: [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, bios_version, board_name and board_vendor
** Summary changed: - [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, board_name and board_vendor + [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, bios_version, board_name and board_vendor ** Description changed: When starting chromium's snap, those messages are logged: $ journalctl -o cat -k --grep 'apparmor="DENIED"' | grep -F snap.chromium.chromium - audit: type=1400 audit(1666194773.600:424): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_name" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 - audit: type=1400 audit(1666194773.600:425): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_vendor" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 - audit: type=1400 audit(1666194773.600:426): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_version" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 - + audit: type=1400 audit(1666201583.608:610): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_vendor" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 + audit: type=1400 audit(1666201583.608:611): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_name" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 + audit: type=1400 audit(1666201583.608:612): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_vendor" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 + audit: type=1400 audit(1666201583.608:613): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_version" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Chromium behaves OK but generates log pollution. Additional info: $ snap list chromium snapd Name Version RevTracking Publisher Notes chromium 106.0.5249.119 2136 latest/stable canonical✓ - snapd 2.57.4 17336 latest/stable canonical✓ snapd $ uname -rm 5.15.0-52-generic x86_64 $ lsb_release -rd Description: Ubuntu 22.04.1 LTS Release: 22.04 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1993562 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, bios_version, board_name and board_vendor Status in chromium-browser package in Ubuntu: New Bug description: When starting chromium's snap, those messages are logged: $ journalctl -o cat -k --grep 'apparmor="DENIED"' | grep -F snap.chromium.chromium audit: type=1400 audit(1666201583.608:610): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_vendor" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666201583.608:611): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_name" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666201583.608:612): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_vendor" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666201583.608:613): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_version" pid=320950 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Chromium behaves OK but generates log pollution. Additional info: $ snap list chromium snapd Name Version RevTracking Publisher Notes chromium 106.0.5249.119 2136 latest/stable canonical✓ - snapd 2.57.4 17336 latest/stable canonical✓ snapd $ uname -rm 5.15.0-52-generic x86_64 $ lsb_release -rd Description: Ubuntu 22.04.1 LTS Release: 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1993562/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1993562] [NEW] [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, board_name and board_vendor
Public bug reported: When starting chromium's snap, those messages are logged: $ journalctl -o cat -k --grep 'apparmor="DENIED"' | grep -F snap.chromium.chromium audit: type=1400 audit(1666194773.600:424): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_name" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666194773.600:425): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_vendor" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666194773.600:426): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_version" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Chromium behaves OK but generates log pollution. Additional info: $ snap list chromium snapd Name Version RevTracking Publisher Notes chromium 106.0.5249.119 2136 latest/stable canonical✓ - snapd 2.57.4 17336 latest/stable canonical✓ snapd $ uname -rm 5.15.0-52-generic x86_64 $ lsb_release -rd Description:Ubuntu 22.04.1 LTS Release:22.04 ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1993562 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/bios_vendor, board_name and board_vendor Status in chromium-browser package in Ubuntu: New Bug description: When starting chromium's snap, those messages are logged: $ journalctl -o cat -k --grep 'apparmor="DENIED"' | grep -F snap.chromium.chromium audit: type=1400 audit(1666194773.600:424): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/board_name" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666194773.600:425): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_vendor" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(1666194773.600:426): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/bios_version" pid=210441 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Chromium behaves OK but generates log pollution. Additional info: $ snap list chromium snapd Name Version RevTracking Publisher Notes chromium 106.0.5249.119 2136 latest/stable canonical✓ - snapd 2.57.4 17336 latest/stable canonical✓ snapd $ uname -rm 5.15.0-52-generic x86_64 $ lsb_release -rd Description: Ubuntu 22.04.1 LTS Release: 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1993562/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1570111] Re: many seccomp denials for set_robust_list in xenial
Marking as fix released because newer chromium/snapd do not get any denials for syscall=273 on amd64. Tested with: $ snap list snapd chromium Name Version RevTracking Publisher Notes chromium 106.0.5249.119 2136 latest/stable canonical✓ - snapd 2.57.4 17336 latest/stable canonical✓ snapd $ lsb_release -rd Description:Ubuntu 22.04.1 LTS Release:22.04 $ uname -r 5.15.0-52-generic ** Changed in: chromium-browser (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1570111 Title: many seccomp denials for set_robust_list in xenial Status in chromium-browser package in Ubuntu: Fix Released Bug description: I have 517 messages and counting like this: kernel: [ 2899.006553] audit: type=1326 audit(1460584187.442:1256): auid=4294967295 uid=1000 gid=1000 ses=4294967295 pid=18839 comm="chromium-browse" exe="/usr/lib/chromium-browser/chromium-browser" sig=0 arch=c03e syscall=273 compat=0 ip=0x7fa52f21a694 code=0x5 $ scmp_sys_resolver 273 set_robust_list It seems that chromium's seccomp sandbox needs to enable this call or chromium adjusted to not use it. $ cat /proc/version_signature Ubuntu 4.4.0-18.34-generic 4.4.6 $ apt-cache policy chromium-browser $ apt-cache policy chromium-browser chromium-browser: Installed: 49.0.2623.108-0ubuntu1.1233 Candidate: 49.0.2623.108-0ubuntu1.1233 Version table: *** 49.0.2623.108-0ubuntu1.1233 500 500 http://us.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1570111/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1876442] Re: [snap] chromium causing many audit messages in syslog
*** This bug is a duplicate of bug 1900679 *** https://bugs.launchpad.net/bugs/1900679 Chromium's snap is causing a lot of apparmor/seccomp noise (see other bugs) but this bug only mentions syscall=203 (sched_setaffinity) which is now fixed as mentioned in LP: #1900679. ** This bug has been marked a duplicate of bug 1900679 [snap] Apparmor audit messages for calls to sched_setaffinity -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1876442 Title: [snap] chromium causing many audit messages in syslog Status in chromium-browser package in Ubuntu: Confirmed Bug description: chromium as installed through snap: chromium 81.0.4044.129 1135 latest/stable canonical✓ - $ tail -f /var/log/syslog May 2 12:46:20 master3900x kernel: [56493.196311] audit: type=1326 audit(1588416380.844:3238): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:20 master3900x kernel: [56493.196389] audit: type=1326 audit(1588416380.844:3239): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:29 master3900x kernel: [56501.999823] audit: type=1326 audit(1588416389.648:3240): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:29 master3900x kernel: [56501.35] audit: type=1326 audit(1588416389.648:3241): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:30 master3900x kernel: [56502.993348] audit: type=1326 audit(1588416390.644:3242): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:30 master3900x kernel: [56502.993410] audit: type=1326 audit(1588416390.644:3243): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:30 master3900x kernel: [56503.104490] audit: type=1326 audit(1588416390.752:3244): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:30 master3900x kernel: [56503.104561] audit: type=1326 audit(1588416390.752:3245): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:34 master3900x kernel: [56506.398229] audit: type=1326 audit(1588416394.048:3246): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:34 master3900x kernel: [56506.398318] audit: type=1326 audit(1588416394.048:3247): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:49 master3900x kernel: [56521.357592] audit: type=1326 audit(1588416409.004:3248): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f code=0x5 May 2 12:46:49 master3900x kernel: [56521.357678] audit: type=1326 audit(1588416409.004:3249): auid=4294967295 uid=1000 gid=1000 ses=4294967295 subj==snap.chromium.chromium (enforce) pid=55655 comm="chrome" exe="/snap/chromium/1135/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7fdf221bdb8f
[Desktop-packages] [Bug 1900679] Re: [snap] Apparmor audit messages for calls to sched_setaffinity
I've marked the chromium bug as invalid since snapd now allows sched_setaffinity with browser-sandbox: true (see comment 16). I checked here with firefox and chromium (both snaps) and the only syscall=203 denial is unrelated: $ journalctl -o cat -b-1 -k --grep syscall=203 audit: type=1326 audit(1666098873.038:90): auid=1000 uid=1000 gid=1000 ses=3 subj=? pid=3817 comm="snapd-desktop-i" exe="/snap/snapd-desktop-integration/14/bin/snapd-desktop-integration" sig=0 arch=c03e syscall=203 compat=0 ip=0x7078b4388741 code=0x5 ** Changed in: chromium-browser (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1900679 Title: [snap] Apparmor audit messages for calls to sched_setaffinity Status in chromium-browser package in Ubuntu: Invalid Status in snapd package in Ubuntu: Fix Committed Bug description: [T okt 20 12:25:09 2020] audit: type=1326 audit(1603185912.099:210734): auid=1000 uid=1000 gid=1000 ses=3 pid=53766 comm="chrome" exe="/snap/chromium/1350/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f46a3f19b9f code=0x5 [T okt 20 12:25:09 2020] audit: type=1326 audit(1603185912.099:210735): auid=1000 uid=1000 gid=1000 ses=3 pid=53766 comm="chrome" exe="/snap/chromium/1350/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f46a3f19b9f code=0x5 [T okt 20 12:25:12 2020] audit: type=1326 audit(1603185915.095:210736): auid=1000 uid=1000 gid=1000 ses=3 pid=53766 comm="chrome" exe="/snap/chromium/1350/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f46a3f19b9f code=0x5 [T okt 20 12:25:12 2020] audit: type=1326 audit(1603185915.095:210737): auid=1000 uid=1000 gid=1000 ses=3 pid=53766 comm="chrome" exe="/snap/chromium/1350/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f46a3f19b9f code=0x5 [T okt 20 12:25:14 2020] audit: type=1326 audit(1603185917.419:210738): auid=1000 uid=1000 gid=1000 ses=3 pid=53766 comm="chrome" exe="/snap/chromium/1350/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f46a3f19b9f code=0x5 [T okt 20 12:25:14 2020] audit: type=1326 audit(1603185917.419:210739): auid=1000 uid=1000 gid=1000 ses=3 pid=53766 comm="chrome" exe="/snap/chromium/1350/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f46a3f19b9f code=0x5 Things like these just get repeated endlessly and very often, making any potential debugging very annoying. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1900679/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1862262] Re: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name
I can confirm the denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name are gone now, thanks! $ snap list snapd Name Version RevTracking Publisher Notes snapd 2.57.4 17336 latest/stable canonical✓ snapd ** Changed in: chromium-browser (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1862262 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name Status in chromium-browser package in Ubuntu: Fix Released Bug description: When starting chromium's snap, those messages are logged: Feb 6 12:34:17 foo kernel: [106190.836260] audit: type=1400 audit(1581010457.097:1372): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/sys_vendor" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo kernel: [106190.836401] audit: type=1400 audit(1581010457.097:1373): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/product_name" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo chromium_chromium.desktop[20044]: [20191:20191:0206/123417.177438:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process. Chromium seemingly behaves OK but possibly with reduced sandboxing? Additional info: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: stable refresh-date: yesterday at 17:45 EST channels: stable:80.0.3987.87 2020-02-05 (1016) 160MB - candidate: 80.0.3987.87 2020-02-05 (1016) 160MB - beta: 80.0.3987.85 2020-02-04 (1014) 160MB - edge: 81.0.4040.5 2020-02-06 (1018) 161MB - installed: 80.0.3987.87(1016) 160MB - $ uname -a Linux simon-lemur 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 18.04.4 LTS Release: 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1862262/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1983502] Re: [snap] seccomp denials for syscall=314 on amd64
Awesome, thank you Olivier! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1983502 Title: [snap] seccomp denials for syscall=314 on amd64 Status in thunderbird package in Ubuntu: In Progress Bug description: $ snap list thunderbird Name VersionRev Tracking Publisher Notes thunderbird 102.1.0-2 237 latest/stable canonical✓ - During normal operation, the following is logged: Aug 03 12:07:58 foo kernel: audit: type=1326 audit(1659542878.718:511): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=154377 comm="thunderbird-bin" exe="/snap/thunderbird/237/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e4137c4473d code=0x5 And something similar when the crash reporter executes: Aug 03 12:02:04 foo kernel: audit: type=1326 audit(1659542524.642:510): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=150188 comm="crashreporter" exe="/snap/thunderbird/237/crashreporter" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e5f095e773d code=0x5 # Additional information: $ lsb_release -rd Description: Ubuntu 20.04.4 LTS Release: 20.04 $ uname -a Linux foo 5.15.0-43-generic #46~20.04.1-Ubuntu SMP Thu Jul 14 15:20:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1983502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1983502] Re: [snap] seccomp denials for syscall=314 on amd64
There are quite a few "pending" crash reports and one from the day I opened this bug so I'd say yes, it's failing to submit them: sdeziel@sdeziel-lemur:~/snap/thunderbird/common/.thunderbird/Crash Reports/pending$ ls -ltr | tail -rw--- 1 sdeziel sdeziel 2088424 May 27 14:04 5f6acf74-091e-649d-d405-8f515d115c43.dmp -rw--- 1 sdeziel sdeziel 11518 May 27 14:04 5f6acf74-091e-649d-d405-8f515d115c43.extra -rw--- 1 sdeziel sdeziel 1790080 Jun 2 12:07 36f475a4-a06d-805a-f37c-3537f767db0d.dmp -rw--- 1 sdeziel sdeziel 12510 Jun 2 12:07 36f475a4-a06d-805a-f37c-3537f767db0d.extra -rw--- 1 sdeziel sdeziel 1752936 Jun 30 09:27 42252ef9-1b81-6337-f078-a16915f5a550.dmp -rw--- 1 sdeziel sdeziel8111 Jun 30 09:27 42252ef9-1b81-6337-f078-a16915f5a550.extra -rw-rw-r-- 1 sdeziel sdeziel 344429 Jul 26 13:34 44fcac7c-c079-c1c2-d25b-a421fdc9b60b.dmp -rw--- 1 sdeziel sdeziel9526 Jul 26 13:34 44fcac7c-c079-c1c2-d25b-a421fdc9b60b.extra -rw--- 1 sdeziel sdeziel 1667280 Aug 3 12:02 09575f30-efa8-4267-8875-7c78e787f556.dmp -rw--- 1 sdeziel sdeziel 11198 Aug 3 12:02 09575f30-efa8-4267-8875-7c78e787f556.extra -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1983502 Title: [snap] seccomp denials for syscall=314 on amd64 Status in thunderbird package in Ubuntu: New Bug description: $ snap list thunderbird Name VersionRev Tracking Publisher Notes thunderbird 102.1.0-2 237 latest/stable canonical✓ - During normal operation, the following is logged: Aug 03 12:07:58 foo kernel: audit: type=1326 audit(1659542878.718:511): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=154377 comm="thunderbird-bin" exe="/snap/thunderbird/237/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e4137c4473d code=0x5 And something similar when the crash reporter executes: Aug 03 12:02:04 foo kernel: audit: type=1326 audit(1659542524.642:510): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=150188 comm="crashreporter" exe="/snap/thunderbird/237/crashreporter" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e5f095e773d code=0x5 # Additional information: $ lsb_release -rd Description: Ubuntu 20.04.4 LTS Release: 20.04 $ uname -a Linux foo 5.15.0-43-generic #46~20.04.1-Ubuntu SMP Thu Jul 14 15:20:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1983502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1983502] Re: [snap] seccomp denials for syscall=314 on amd64
thunderbird itself seems to be working fine but the crashreport seemed to have other issues due to Apparmor: Aug 3 12:02:04 sdeziel-lemur thunderbird_thunderbird.desktop[32515]: ExceptionHandler::GenerateDump cloned child 150187 Aug 3 12:02:04 sdeziel-lemur thunderbird_thunderbird.desktop[150187]: ExceptionHandler::WaitForContinueSignal waiting for continue signal... Aug 3 12:02:04 sdeziel-lemur thunderbird_thunderbird.desktop[32515]: ExceptionHandler::SendContinueSignalToChild sent continue signal to child Aug 3 12:02:04 sdeziel-lemur kernel: [13893.569377] audit: type=1400 audit(1659542524.386:509): apparmor="DENIED" operation="open" profile="snap.thunderbird.thunderbird" name="/proc/32515/environ" pid=150187 comm="thunderbird-bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Aug 3 12:02:04 sdeziel-lemur thunderbird_thunderbird.desktop[32711]: Exiting due to channel error. Aug 3 12:02:04 sdeziel-lemur kernel: [13893.827373] audit: type=1326 audit(1659542524.642:510): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=150188 comm="crashreporter" exe="/snap/thunderbird/237/crashreporter" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e5f095e773d code=0x5 Aug 3 12:02:07 sdeziel-lemur thunderbird_thunderbird.desktop[150188]: Failed to open curl lib from binary, use libcurl.so instead -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1983502 Title: [snap] seccomp denials for syscall=314 on amd64 Status in thunderbird package in Ubuntu: New Bug description: $ snap list thunderbird Name VersionRev Tracking Publisher Notes thunderbird 102.1.0-2 237 latest/stable canonical✓ - During normal operation, the following is logged: Aug 03 12:07:58 foo kernel: audit: type=1326 audit(1659542878.718:511): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=154377 comm="thunderbird-bin" exe="/snap/thunderbird/237/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e4137c4473d code=0x5 And something similar when the crash reporter executes: Aug 03 12:02:04 foo kernel: audit: type=1326 audit(1659542524.642:510): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=150188 comm="crashreporter" exe="/snap/thunderbird/237/crashreporter" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e5f095e773d code=0x5 # Additional information: $ lsb_release -rd Description: Ubuntu 20.04.4 LTS Release: 20.04 $ uname -a Linux foo 5.15.0-43-generic #46~20.04.1-Ubuntu SMP Thu Jul 14 15:20:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1983502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1491249] Re: Regression: Visual new email notification no longer working in 38.2.0
This bug was reported against an old Ubuntu release and an old Thunderbird version. Please try to reproduce with current Ubuntu/Thunderbird version and open a new bug if needed. Thanks! ** Changed in: thunderbird (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1491249 Title: Regression: Visual new email notification no longer working in 38.2.0 Status in thunderbird package in Ubuntu: Incomplete Bug description: One feature of Thunderbird is a notification through the system notification system whenever a new email arrives in the inbox. With the recent update to version 38.2 this notification no longer works. The "new email" sound plays, but the visual notification is no longer displayed. This is clearly a regression, since it worked with the previous versions of Thunderbird. ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: thunderbird 1:38.2.0+build1-0ubuntu0.15.04.1 ProcVersionSignature: Ubuntu 3.19.0-26.28-generic 3.19.8-ckt4 Uname: Linux 3.19.0-26-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.17.2-0ubuntu1.3 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC1D0p: jan2434 F...m pulseaudio /dev/snd/controlC1: jan2434 F pulseaudio /dev/snd/controlC0: jan2434 F pulseaudio BuildID: 20150818212443 Channel: Unavailable CurrentDesktop: GNOME Date: Wed Sep 2 08:35:06 2015 EcryptfsInUse: Yes Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2015-01-30 (214 days ago) InstallationMedia: Ubuntu-GNOME 14.10 "Utopic Unicorn" - Release amd64 (20141022.1) IpRoute: default via 192.168.1.1 dev eth0 proto static metric 1024 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.30 IwConfig: eth0 no wireless extensions. lono wireless extensions. Locales: extensions.sqlite corrupt or missing MostRecentCrashID: bp-90222358-6460-4247-96c9-9500e2150311 Plugins: Gnome Shell Integration - /usr/lib/mozilla/plugins/libgnome-shell-browser-plugin.so (gnome-shell) PrefSources: prefs.js [Profile]/extensions/{847b3a00-7ab1-11d4-8f02-006008948af5}/defaults/preferences/enigmail.js [Profile]/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/defaults/preferences/lightning.js ProcEnviron: TERM=xterm PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=de_DE.UTF-8 SHELL=/bin/bash Profiles: Profile0 (Default) - LastVersion=38.2.0/20150818212443 (In use) RelatedPackageVersions: gnome-shell 3.14.4-0ubuntu1 RfKill: 0: hci0: Bluetooth Soft blocked: yes Hard blocked: no RunningIncompatibleAddons: False SourcePackage: thunderbird SubmittedCrashIDs: bp-90222358-6460-4247-96c9-9500e2150311 Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/14/2015 dmi.bios.vendor: Dell Inc. dmi.bios.version: A05 dmi.board.name: 0310JH dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 9 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA05:bd07/14/2015:svnDellInc.:pnXPS139343:pvr:rvnDellInc.:rn0310JH:rvrA00:cvnDellInc.:ct9:cvr: dmi.product.name: XPS 13 9343 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1491249/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1983502] [NEW] [snap] seccomp denials for syscall=314 on amd64
Public bug reported: $ snap list thunderbird Name VersionRev Tracking Publisher Notes thunderbird 102.1.0-2 237 latest/stable canonical✓ - During normal operation, the following is logged: Aug 03 12:07:58 foo kernel: audit: type=1326 audit(1659542878.718:511): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=154377 comm="thunderbird- bin" exe="/snap/thunderbird/237/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e4137c4473d code=0x5 And something similar when the crash reporter executes: Aug 03 12:02:04 foo kernel: audit: type=1326 audit(1659542524.642:510): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=150188 comm="crashreporter" exe="/snap/thunderbird/237/crashreporter" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e5f095e773d code=0x5 # Additional information: $ lsb_release -rd Description:Ubuntu 20.04.4 LTS Release:20.04 $ uname -a Linux foo 5.15.0-43-generic #46~20.04.1-Ubuntu SMP Thu Jul 14 15:20:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1983502 Title: [snap] seccomp denials for syscall=314 on amd64 Status in thunderbird package in Ubuntu: New Bug description: $ snap list thunderbird Name VersionRev Tracking Publisher Notes thunderbird 102.1.0-2 237 latest/stable canonical✓ - During normal operation, the following is logged: Aug 03 12:07:58 foo kernel: audit: type=1326 audit(1659542878.718:511): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=154377 comm="thunderbird-bin" exe="/snap/thunderbird/237/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e4137c4473d code=0x5 And something similar when the crash reporter executes: Aug 03 12:02:04 foo kernel: audit: type=1326 audit(1659542524.642:510): auid=1000 uid=1000 gid=1000 ses=9 subj=? pid=150188 comm="crashreporter" exe="/snap/thunderbird/237/crashreporter" sig=0 arch=c03e syscall=314 compat=0 ip=0x7e5f095e773d code=0x5 # Additional information: $ lsb_release -rd Description: Ubuntu 20.04.4 LTS Release: 20.04 $ uname -a Linux foo 5.15.0-43-generic #46~20.04.1-Ubuntu SMP Thu Jul 14 15:20:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1983502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1959604] Re: [upstream] Thunderbird 91.5.0 regression: writes attachments to /tmp readable to everyone
Marking as fix released because the upstream bug was closed and the fix was verified to work in comment 20 (version 91.7.0). Ubuntu currently ships version 91.11.0. ** Changed in: thunderbird (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1959604 Title: [upstream] Thunderbird 91.5.0 regression: writes attachments to /tmp readable to everyone Status in Mozilla Thunderbird: Fix Released Status in thunderbird package in Ubuntu: Fix Released Bug description: thunderbird saves opened attachments to /tmp with permissions according to umask setting. This was fixed a long time ago with a protected folder /tmp/mozilla_${USER}0 and was still working correctly as of version 78.14.0+build1-0ubuntu0.20.04.2. The recent update to 1:91.5.0+build1-0ubuntu0.20.04.1 reintroduced the bug. Ubuntu 20.04.3 LTS Kernel release:5.13.0-25-generic Architecture: x86_64 To manage notifications about this bug go to: https://bugs.launchpad.net/thunderbird/+bug/1959604/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1754401] Re: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied)
I've found a workaround that was tested on Ubuntu 20.04: $ cat /etc/systemd/system/systemd-logind.service.d/override.conf # XXX: required to have /proc mounted with hidepid=2,gid=pidgrp [Service] SupplementaryGroups=pidgrp -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg-server in Ubuntu. https://bugs.launchpad.net/bugs/1754401 Title: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied) Status in X.Org X server: Unknown Status in xorg-server package in Ubuntu: Triaged Bug description: I don't what changed but today, my Artful laptop refuses to start a graphical session. The last update seems entirely unrelated: # /var/log/apt/history.log Start-Date: 2018-03-06 15:50:35 Commandline: apt-get dist-upgrade Requested-By: simon (1000) Upgrade: libpq5:amd64 (9.6.7-0ubuntu0.17.10, 9.6.8-0ubuntu0.17.10) End-Date: 2018-03-06 15:50:39 I tried linux-image-4.13.0-32-generic and linux- image-4.13.0-36-generic to no avail. I removed the "quiet splash" args from /etc/default/grub but it didn't help. Using "nomodeset" makes the graphical session almost work but the brightness of the screen is so low that I cannot use it and can't make it brighter either. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gdm3 3.26.1-3ubuntu3 ProcVersionSignature: Ubuntu 4.13.0-36.40-generic 4.13.13 Uname: Linux 4.13.0-36-generic x86_64 ApportVersion: 2.20.7-0ubuntu3.7 Architecture: amd64 Date: Thu Mar 8 11:08:35 2018 InstallationDate: Installed on 2017-10-21 (137 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018) SourcePackage: gdm3 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/1754401/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1966562] Re: ubuntu-minimal should not depend on isc-dhcp-client
Thanks for the explanation and pointer to the ML thread, makes sense to me now. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1966562 Title: ubuntu-minimal should not depend on isc-dhcp-client Status in ubuntu-meta package in Ubuntu: Invalid Bug description: ubuntu-minimal already depends on `init` which depends on `systemd- sysv` which depends on `systemd` which comes with `systemd-networkd` that has a DHCP client in it. Having the isc-dhcp-client package feels redundant. # Additional information $ lsb_release -rd Description: Ubuntu Jammy Jellyfish (development branch) Release: 22.04 $ apt-cache policy ubuntu-minimal ubuntu-minimal: Installed: 1.478 Candidate: 1.478 Version table: *** 1.478 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1966562/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1969141] Re: [snap] seccomp denials for syscall=312, 314, 330 on amd64
Here is the syscall number => name mapping on amd64: 312: sys_kcmp 314: sys_sched_setattr (so also covered in LP: #1900679) 330: pkey_alloc ** Description changed: # Steps to reproduce 1) Install Chromium's snap snap install chromium 2) Monitor logs journalctl -o cat -f --grep chromium 3) Start Chromium journalctl will be filled with errors due to some syscalls not permitted by the seccomp policy, like those: Apr 14 11:18:14 sdeziel-lemur audit[1734639]: SECCOMP auid=1000 uid=1000 gid=1000 ses=3 subj=snap.chromium.chromium pid=1734639 comm="chrome" exe="/snap/chromium/1961/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=314 compat=0 ip=0x77ccfac2276d code=0x5 Apr 14 11:18:14 sdeziel-lemur audit[1734751]: SECCOMP auid=1000 uid=1000 gid=1000 ses=3 subj=snap.chromium.chromium pid=1734751 comm="chrome" exe="/snap/chromium/1961/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=312 compat=0 ip=0x7a9d5be7f76d code=0x5 Apr 14 11:18:14 sdeziel-lemur audit[1734790]: SECCOMP auid=1000 uid=1000 gid=1000 ses=3 subj=snap.chromium.chromium pid=1734790 comm="chrome" exe="/snap/chromium/1961/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=330 compat=0 ip=0x735f8ecd303b code=0x5 - # Additional information $ uname -a Linux sdeziel-lemur 5.13.0-39-generic #44~20.04.1-Ubuntu SMP Thu Mar 24 16:43:35 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 20.04.4 LTS Release: 20.04 $ snap list chromium Name VersionRev Tracking Publisher Notes chromium 100.0.4896.88 1961 latest/stable canonical✓ - + + $ snap connections chromium + Interface PlugSlot Notes + audio-playbackchromium:audio-playback :audio-playback - + audio-record chromium:audio-record :audio-record- + bluez chromium:bluez :bluez - + browser-support chromium:browser-sandbox :browser-support - + camerachromium:camera :camera manual + content[gnome-3-38-2004] chromium:gnome-3-38-2004 gnome-3-38-2004:gnome-3-38-2004 - + content[gtk-3-themes] chromium:gtk-3-themes gtk-common-themes:gtk-3-themes - + content[icon-themes] chromium:icon-themes gtk-common-themes:icon-themes- + content[sound-themes] chromium:sound-themes gtk-common-themes:sound-themes - + cups-control chromium:cups-control :cups-control- + desktop chromium:desktop:desktop - + desktop-legacychromium:desktop-legacy :desktop-legacy - + gsettings chromium:gsettings :gsettings - + home chromium:home :home - + joystick chromium:joystick :joystick - + mount-observe chromium:mount-observe - - + mpris - chromium:mpris - + network chromium:network:network - + network-bind chromium:network-bind :network-bind- + network-manager chromium:network-manager- - + openglchromium:opengl :opengl - + password-manager-service chromium:password-manager-service - - + personal-fileschromium:chromium-config :personal-files - + pulseaudiochromium:pulseaudio - - + raw-usb chromium:raw-usb- - + removable-media chromium:removable-media :removable-media - + screen-inhibit-controlchromium:screen-inhibit-control :screen-inhibit-control - + system-files chromium:etc-chromium-browser-policies :system-files- + system-packages-doc chromium:system-packages-doc :system-packages-doc - + u2f-devices chromium:u2f-devices :u2f-devices - + unity7chromium:unity7
[Desktop-packages] [Bug 1969141] [NEW] [snap] seccomp denials for syscall=312, 314, 330 on amd64
Public bug reported: # Steps to reproduce 1) Install Chromium's snap snap install chromium 2) Monitor logs journalctl -o cat -f --grep chromium 3) Start Chromium journalctl will be filled with errors due to some syscalls not permitted by the seccomp policy, like those: Apr 14 11:18:14 sdeziel-lemur audit[1734639]: SECCOMP auid=1000 uid=1000 gid=1000 ses=3 subj=snap.chromium.chromium pid=1734639 comm="chrome" exe="/snap/chromium/1961/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=314 compat=0 ip=0x77ccfac2276d code=0x5 Apr 14 11:18:14 sdeziel-lemur audit[1734751]: SECCOMP auid=1000 uid=1000 gid=1000 ses=3 subj=snap.chromium.chromium pid=1734751 comm="chrome" exe="/snap/chromium/1961/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=312 compat=0 ip=0x7a9d5be7f76d code=0x5 Apr 14 11:18:14 sdeziel-lemur audit[1734790]: SECCOMP auid=1000 uid=1000 gid=1000 ses=3 subj=snap.chromium.chromium pid=1734790 comm="chrome" exe="/snap/chromium/1961/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=330 compat=0 ip=0x735f8ecd303b code=0x5 # Additional information $ uname -a Linux sdeziel-lemur 5.13.0-39-generic #44~20.04.1-Ubuntu SMP Thu Mar 24 16:43:35 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description:Ubuntu 20.04.4 LTS Release:20.04 $ snap list chromium Name VersionRev Tracking Publisher Notes chromium 100.0.4896.88 1961 latest/stable canonical✓ - $ snap connections chromium Interface PlugSlot Notes audio-playbackchromium:audio-playback :audio-playback - audio-record chromium:audio-record :audio-record - bluez chromium:bluez :bluez - browser-support chromium:browser-sandbox :browser-support - camerachromium:camera :camera manual content[gnome-3-38-2004] chromium:gnome-3-38-2004 gnome-3-38-2004:gnome-3-38-2004 - content[gtk-3-themes] chromium:gtk-3-themes gtk-common-themes:gtk-3-themes - content[icon-themes] chromium:icon-themes gtk-common-themes:icon-themes- content[sound-themes] chromium:sound-themes gtk-common-themes:sound-themes - cups-control chromium:cups-control :cups-control - desktop chromium:desktop:desktop - desktop-legacychromium:desktop-legacy :desktop-legacy - gsettings chromium:gsettings :gsettings - home chromium:home :home - joystick chromium:joystick :joystick - mount-observe chromium:mount-observe - - mpris - chromium:mpris - network chromium:network:network - network-bind chromium:network-bind :network-bind - network-manager chromium:network-manager- - openglchromium:opengl :opengl - password-manager-service chromium:password-manager-service - - personal-fileschromium:chromium-config :personal-files - pulseaudiochromium:pulseaudio - - raw-usb chromium:raw-usb- - removable-media chromium:removable-media :removable-media - screen-inhibit-controlchromium:screen-inhibit-control :screen-inhibit-control - system-files chromium:etc-chromium-browser-policies :system-files - system-packages-doc chromium:system-packages-doc :system-packages-doc - u2f-devices chromium:u2f-devices:u2f-devices - unity7chromium:unity7 :unity7 - upower-observechromium:upower-observe :upower-observe - wayland chromium:wayland:wayland - x11
[Desktop-packages] [Bug 1966127] Re: ubuntu-desktop-minimal pulls gnome-session which is in universe
Thanks Jeremy! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1966127 Title: ubuntu-desktop-minimal pulls gnome-session which is in universe Status in gdm3 package in Ubuntu: Fix Released Status in ubuntu-meta package in Ubuntu: Invalid Bug description: ubuntu-desktop-minimal is in main but installing it pulls gnome- session from universe. Here is how to reproduce it: 1) Create a Jammy VM: $ lxc launch images:ubuntu/jammy jammy-vm --vm 2) Enter the Jammy VM: $ lxc shell jammy-vm 3) Install ubuntu-desktop-minimal root@jammy-vm:~# apt-get update ... root@jammy-vm:~# apt-get install -V ubuntu-desktop-minimal ... Get:726 http://archive.ubuntu.com/ubuntu jammy/main amd64 libxfont2 amd64 1:2.0.5-1 [94.7 kB] Get:727 http://archive.ubuntu.com/ubuntu jammy/main amd64 xwayland amd64 2:22.1.0-1 [932 kB] Get:728 http://archive.ubuntu.com/ubuntu jammy/universe amd64 gnome-session all 42.0-1ubuntu1 [15.2 kB] Get:729 http://archive.ubuntu.com/ubuntu jammy/main amd64 yaru-theme-gnome-shell all 22.04.2 [66.4 kB] Get:730 http://archive.ubuntu.com/ubuntu jammy/main amd64 ubuntu-session all 42.0-1ubuntu1 [5,418 B] ... 4) Check the policy of packages: root@jammy-vm:~# apt-cache policy ubuntu-desktop-minimal gnome-session ubuntu-desktop-minimal: Installed: 1.478 Candidate: 1.478 Version table: *** 1.478 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status gnome-session: Installed: 42.0-1ubuntu1 Candidate: 42.0-1ubuntu1 Version table: *** 42.0-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages 100 /var/lib/dpkg/status Both should be from main. Additional information: root@jammy-vm:~# lsb_release -rd Description: Ubuntu Jammy Jellyfish (development branch) Release: 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1966127/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 423607] Re: ubuntu-minimal should depends on dhcp3-client | dhcp-client instead of only dhcp3-client
It's been a while that ubuntu-minimal depends on isc-dhcp-client: $ apt-cache show ubuntu-minimal | grep Depends | grep dhcp Depends: adduser, apt, apt-utils, console-setup, debconf, debconf-i18n, e2fsprogs, eject, init, iproute2, iputils-ping, isc-dhcp-client, kbd, kmod, less, locales, lsb-release, mawk, mount, netbase, netcat-openbsd, netplan.io, passwd, procps, python3, sensible-utils, sudo, tzdata, ubuntu-advantage-tools, ubuntu-keyring, udev, vim-tiny, whiptail I checked on Focal with ubuntu-minimal version 1.450.2 but the fix possibly came earlier than that. ** Changed in: ubuntu-meta (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/423607 Title: ubuntu-minimal should depends on dhcp3-client | dhcp-client instead of only dhcp3-client Status in ubuntu-meta package in Ubuntu: Fix Released Bug description: ubuntu-minimal should depends on dhcp3-client | dhcp-client instead of only dhcp3-client since user can use pump or dhcpcd or udhcpc To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/423607/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1966562] [NEW] ubuntu-minimal should not depend on isc-dhcp-client
Public bug reported: ubuntu-minimal already depends on `init` which depends on `systemd-sysv` which depends on `systemd` which comes with `systemd-networkd` that has a DHCP client in it. Having the isc-dhcp-client package feels redundant. # Additional information $ lsb_release -rd Description:Ubuntu Jammy Jellyfish (development branch) Release:22.04 $ apt-cache policy ubuntu-minimal ubuntu-minimal: Installed: 1.478 Candidate: 1.478 Version table: *** 1.478 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status ** Affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1966562 Title: ubuntu-minimal should not depend on isc-dhcp-client Status in ubuntu-meta package in Ubuntu: New Bug description: ubuntu-minimal already depends on `init` which depends on `systemd- sysv` which depends on `systemd` which comes with `systemd-networkd` that has a DHCP client in it. Having the isc-dhcp-client package feels redundant. # Additional information $ lsb_release -rd Description: Ubuntu Jammy Jellyfish (development branch) Release: 22.04 $ apt-cache policy ubuntu-minimal ubuntu-minimal: Installed: 1.478 Candidate: 1.478 Version table: *** 1.478 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1966562/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1966127] [NEW] ubuntu-desktop-minimal pulls gnome-session which is in universe
Public bug reported: ubuntu-desktop-minimal is in main but installing it pulls gnome-session from universe. Here is how to reproduce it: 1) Create a Jammy VM: $ lxc launch images:ubuntu/jammy jammy-vm --vm 2) Enter the Jammy VM: $ lxc shell jammy-vm 3) Install ubuntu-desktop-minimal root@jammy-vm:~# apt-get update ... root@jammy-vm:~# apt-get install -V ubuntu-desktop-minimal ... Get:726 http://archive.ubuntu.com/ubuntu jammy/main amd64 libxfont2 amd64 1:2.0.5-1 [94.7 kB] Get:727 http://archive.ubuntu.com/ubuntu jammy/main amd64 xwayland amd64 2:22.1.0-1 [932 kB] Get:728 http://archive.ubuntu.com/ubuntu jammy/universe amd64 gnome-session all 42.0-1ubuntu1 [15.2 kB] Get:729 http://archive.ubuntu.com/ubuntu jammy/main amd64 yaru-theme-gnome-shell all 22.04.2 [66.4 kB] Get:730 http://archive.ubuntu.com/ubuntu jammy/main amd64 ubuntu-session all 42.0-1ubuntu1 [5,418 B] ... 4) Check the policy of packages: root@jammy-vm:~# apt-cache policy ubuntu-desktop-minimal gnome-session ubuntu-desktop-minimal: Installed: 1.478 Candidate: 1.478 Version table: *** 1.478 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status gnome-session: Installed: 42.0-1ubuntu1 Candidate: 42.0-1ubuntu1 Version table: *** 42.0-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages 100 /var/lib/dpkg/status Both should be from main. Additional information: root@jammy-vm:~# lsb_release -rd Description:Ubuntu Jammy Jellyfish (development branch) Release:22.04 ** Affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1966127 Title: ubuntu-desktop-minimal pulls gnome-session which is in universe Status in ubuntu-meta package in Ubuntu: New Bug description: ubuntu-desktop-minimal is in main but installing it pulls gnome- session from universe. Here is how to reproduce it: 1) Create a Jammy VM: $ lxc launch images:ubuntu/jammy jammy-vm --vm 2) Enter the Jammy VM: $ lxc shell jammy-vm 3) Install ubuntu-desktop-minimal root@jammy-vm:~# apt-get update ... root@jammy-vm:~# apt-get install -V ubuntu-desktop-minimal ... Get:726 http://archive.ubuntu.com/ubuntu jammy/main amd64 libxfont2 amd64 1:2.0.5-1 [94.7 kB] Get:727 http://archive.ubuntu.com/ubuntu jammy/main amd64 xwayland amd64 2:22.1.0-1 [932 kB] Get:728 http://archive.ubuntu.com/ubuntu jammy/universe amd64 gnome-session all 42.0-1ubuntu1 [15.2 kB] Get:729 http://archive.ubuntu.com/ubuntu jammy/main amd64 yaru-theme-gnome-shell all 22.04.2 [66.4 kB] Get:730 http://archive.ubuntu.com/ubuntu jammy/main amd64 ubuntu-session all 42.0-1ubuntu1 [5,418 B] ... 4) Check the policy of packages: root@jammy-vm:~# apt-cache policy ubuntu-desktop-minimal gnome-session ubuntu-desktop-minimal: Installed: 1.478 Candidate: 1.478 Version table: *** 1.478 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status gnome-session: Installed: 42.0-1ubuntu1 Candidate: 42.0-1ubuntu1 Version table: *** 42.0-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages 100 /var/lib/dpkg/status Both should be from main. Additional information: root@jammy-vm:~# lsb_release -rd Description: Ubuntu Jammy Jellyfish (development branch) Release: 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1966127/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1244714] Re: pppd on new Precise HWE kernels fails, but works on 3.2
This bug is probably fixed but I'll mark it as incomplete hoping that someone would take the time to test it with supported versions. ** Changed in: ppp (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ppp in Ubuntu. https://bugs.launchpad.net/bugs/1244714 Title: pppd on new Precise HWE kernels fails, but works on 3.2 Status in ppp package in Ubuntu: Incomplete Bug description: Connecting to an IPsec/L2TP tunnel works when using the 3.2 kernel shipped with Precise 12.04 but fails with the most recent HWE kernel (3.8 from 12.04.3). With the 3.8 kernel here is how pppd dies: Oct 25 11:31:24 l2tp-udesktop pppd[2758]: Plugin pppol2tp.so loaded. Oct 25 11:31:24 l2tp-udesktop pppd[2758]: pppd options in effect: Oct 25 11:31:24 l2tp-udesktop pppd[2758]: debug debug#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: nodetach#011#011# (from command line) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: idle 72000#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: ktune#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: dump#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: plugin pppol2tp.so#011#011# (from command line) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: noauth#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: refuse-chap#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: refuse-mschap#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: refuse-mschap-v2#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: refuse-eap#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: name myname#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: password ??#011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop pppd[2758]: remotename #011#011# (from /etc/ppp/Checkpoint.options.xl2tpd) Oct 25 11:31:24 l2tp-udesktop kernel: [ 246.621763] pppd[2758]: segfault at 0 ip 0041f1d0 sp 7fff1da9bf10 error 4 in pppd[40+49000] Information about the affected system: root@l2tp-udesktop:~# lsb_release -rd Description:Ubuntu 12.04.3 LTS Release:12.04 root@l2tp-udesktop:~# apt-cache policy ppp ppp: Installed: 2.4.5-5ubuntu1 Candidate: 2.4.5-5ubuntu1 Version table: *** 2.4.5-5ubuntu1 0 500 http://ca.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages 100 /var/lib/dpkg/status root@l2tp-udesktop:~# dpkg -l| grep linux-image ii linux-image-3.2.0-54-virtual3.2.0-54.82 Linux kernel image for version 3.2.0 on 64 bit x86 Virtual Guests ii linux-image-3.8.0-30-generic3.8.0-30.44~precise1 Linux kernel image for version 3.8.0 on 64 bit x86 SMP ii linux-image-generic-lts-raring 3.8.0.30.30 Generic Linux kernel image ii linux-image-virtual 3.2.0.54.64 Linux kernel image for virtual machines To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ppp/+bug/1244714/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1777070] Re: firefox plugin libwidevinecdm.so crashes due to apparmor denial
> these can be added fairly soon. > https://gitlab.com/apparmor/apparmor/-/merge_requests/684 > > though that is just landing it upstream and I am not sure when the > next ubuntu upload will be At least on 20.04, the profile comes from the firefox package, not the apparmor one: $ dpkg -S /etc/apparmor.d/usr.bin.firefox firefox: /etc/apparmor.d/usr.bin.firefox Maybe I'm missing something? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1777070 Title: firefox plugin libwidevinecdm.so crashes due to apparmor denial Status in apparmor package in Ubuntu: Confirmed Status in firefox package in Ubuntu: Confirmed Bug description: Ubuntu 18.04, Firefox 60.0.1+build2-0ubuntu0.18.04.1 Running firefix, then going to netflix.com and attempting to play a movie. The widevinecdm plugin crashes, the following is found in syslog: Jun 15 19:13:22 xplt kernel: [301351.553043] audit: type=1400 audit(1529046802.585:246): apparmor="DENIED" operation="file_mmap" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/home/xav/.mozilla/firefox/wiavokxk.default-1510977878171/gmp-widevinecdm/1.4.8.1008/libwidevinecdm.so" pid=16118 comm="plugin-containe" requested_mask="m" denied_mask="m" fsuid=1000 ouid=1000 Jun 15 19:13:22 xplt kernel: [301351.553236] audit: type=1400 audit(1529046802.585:247): apparmor="DENIED" operation="ptrace" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=24714 comm="firefox" requested_mask="trace" denied_mask="trace" peer="/usr/lib/firefox/firefox{,*[^s][^h]}" Jun 15 19:13:22 xplt kernel: [301351.553259] plugin-containe[16118]: segfault at 0 ip 7fcdfdaa76af sp 7ffc1ff03e28 error 6 in libxul.so[7fcdfb77a000+6111000] Jun 15 19:13:22 xplt snmpd[2334]: error on subcontainer 'ia_addr' insert (-1) Jun 15 19:13:22 xplt /usr/lib/gdm3/gdm-x-session[6549]: ###!!! [Parent][MessageChannel::Call] Error: Channel error: cannot send/recv Jun 15 19:13:24 xplt kernel: [301353.960182] audit: type=1400 audit(1529046804.994:248): apparmor="DENIED" operation="file_mmap" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/home/xav/.mozilla/firefox/wiavokxk.default-1510977878171/gmp-widevinecdm/1.4.8.1008/libwidevinecdm.so" pid=16135 comm="plugin-containe" requested_mask="m" denied_mask="m" fsuid=1000 ouid=1000 Jun 15 19:13:24 xplt kernel: [301353.960373] audit: type=1400 audit(1529046804.994:249): apparmor="DENIED" operation="ptrace" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=24714 comm="firefox" requested_mask="trace" denied_mask="trace" peer="/usr/lib/firefox/firefox{,*[^s][^h]}" Jun 15 19:13:24 xplt kernel: [301353.960398] plugin-containe[16135]: segfault at 0 ip 7fe3b57f46af sp 7ffe6dc0b488 error 6 in libxul.so[7fe3b34c7000+6111000] Jun 15 19:13:28 xplt kernel: [301357.859177] audit: type=1400 audit(1529046808.895:250): apparmor="DENIED" operation="file_mmap" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/home/xav/.mozilla/firefox/wiavokxk.default-1510977878171/gmp-widevinecdm/1.4.8.1008/libwidevinecdm.so" pid=16139 comm="plugin-containe" requested_mask="m" denied_mask="m" fsuid=1000 ouid=1000 Jun 15 19:13:28 xplt kernel: [301357.859328] audit: type=1400 audit(1529046808.895:251): apparmor="DENIED" operation="ptrace" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=24714 comm="firefox" requested_mask="trace" denied_mask="trace" peer="/usr/lib/firefox/firefox{,*[^s][^h]}" Jun 15 19:13:28 xplt kernel: [301357.859349] plugin-containe[16139]: segfault at 0 ip 7fcf32ae06af sp 7ffeb8a136c8 error 6 in libxul.so[7fcf307b3000+6111000] Jun 15 19:13:25 xplt /usr/lib/gdm3/gdm-x-session[6549]: ###!!! [Parent][MessageChannel::Call] Error: Channel error: cannot send/recv Jun 15 19:13:29 xplt /usr/lib/gdm3/gdm-x-session[6549]: ERROR block_reap:328: [hamster] bad exit code 1 Jun 15 19:13:29 xplt /usr/lib/gdm3/gdm-x-session[6549]: ###!!! [Parent][MessageChannel::Call] Error: Channel error: cannot send/recv Jun 15 19:13:29 xplt kernel: [301358.227635] audit: type=1400 audit(1529046809.263:252): apparmor="DENIED" operation="file_mmap" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/home/xav/.mozilla/firefox/wiavokxk.default-1510977878171/gmp-widevinecdm/1.4.8.1008/libwidevinecdm.so" pid=16188 comm="plugin-containe" requested_mask="m" denied_mask="m" fsuid=1000 ouid=1000 Jun 15 19:13:29 xplt kernel: [301358.227811] audit: type=1400 audit(1529046809.263:253): apparmor="DENIED" operation="ptrace" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=24714 comm="firefox" requested_mask="trace" denied_mask="trace" peer="/usr/lib/firefox/firefox{,*[^s][^h]}" Jun 15 19:13:29 xplt kernel: [301358.227844] plugin-containe[16188]: segfault at 0 ip 7fe5667c66af sp 7fffe8cc0da8 error 6 in libxul.so[7fe564499000+6111000] Jun 15 19:13:31 xplt kernel: [301360.574177] audit: type=1400
[Desktop-packages] [Bug 1933288] [NEW] [snap] crash during snap refresh
Public bug reported: I had a .odt file opened in libreoffice.writer when it suddenly reported having crashed. `snap info libreoffice` confirmed the snap was refreshed few minutes before I noticed the crash. This is related to LP: #1616650 but I wouldn't expect the currently running app to simply crash. Additional information: $ lsb_release -rd Description:Ubuntu 20.04.2 LTS Release:20.04 $ apt-cache policy snapd snapd: Installed: 2.49.2+20.04 Candidate: 2.49.2+20.04 Version table: *** 2.49.2+20.04 500 500 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 2.48.3+20.04 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 2.44.3+20.04 500 500 http://us.archive.ubuntu.com/ubuntu focal/main amd64 Packages $ snap list snapd libreoffice Name Version RevTracking Publisher Notes libreoffice 7.1.4.2 223latest/stable canonical✓ - snapd2.51 12159 latest/stable canonical✓ snapd $ snap info libreoffice name:libreoffice summary: LibreOffice is a powerful office suite including word processing and creation of spreadsheets, slideshows and databases publisher: Canonical✓ store-url: https://snapcraft.io/libreoffice contact: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bugs?field.tag=snap license: unset description: | LibreOffice is a powerful and free office suite, used by millions of people around the world. Its clean interface and feature-rich tools help you unleash your creativity and enhance your productivity. LibreOffice includes several applications that make it the most versatile Free and Open Source office suite on the market: Writer (word processing), Calc (spreadsheets), Impress (presentations), Draw (vector graphics and flowcharts), Base (databases), and Math (formula editing). commands: - libreoffice.base - libreoffice.calc - libreoffice.draw - libreoffice.filebug - libreoffice.impress - libreoffice - libreoffice.math - libreoffice.writer snap-id: CpUkI0qPIIBVRsjy49adNq4D6Ra72y4v tracking: latest/stable refresh-date: today at 21:37 EDT channels: latest/stable:7.1.4.2 2021-06-22 (223) 651MB - latest/candidate: 7.1.4.2 2021-06-09 (223) 651MB - latest/beta: ↑ latest/edge: 7.1.3.2~uc20 2021-05-08 (216) 793MB - installed: 7.1.4.2 (223) 651MB - ** Affects: libreoffice (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libreoffice in Ubuntu. https://bugs.launchpad.net/bugs/1933288 Title: [snap] crash during snap refresh Status in libreoffice package in Ubuntu: New Bug description: I had a .odt file opened in libreoffice.writer when it suddenly reported having crashed. `snap info libreoffice` confirmed the snap was refreshed few minutes before I noticed the crash. This is related to LP: #1616650 but I wouldn't expect the currently running app to simply crash. Additional information: $ lsb_release -rd Description: Ubuntu 20.04.2 LTS Release: 20.04 $ apt-cache policy snapd snapd: Installed: 2.49.2+20.04 Candidate: 2.49.2+20.04 Version table: *** 2.49.2+20.04 500 500 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 2.48.3+20.04 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 2.44.3+20.04 500 500 http://us.archive.ubuntu.com/ubuntu focal/main amd64 Packages $ snap list snapd libreoffice Name Version RevTracking Publisher Notes libreoffice 7.1.4.2 223latest/stable canonical✓ - snapd2.51 12159 latest/stable canonical✓ snapd $ snap info libreoffice name:libreoffice summary: LibreOffice is a powerful office suite including word processing and creation of spreadsheets, slideshows and databases publisher: Canonical✓ store-url: https://snapcraft.io/libreoffice contact: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bugs?field.tag=snap license: unset description: | LibreOffice is a powerful and free office suite, used by millions of people around the world. Its clean interface and feature-rich tools help you unleash your creativity and enhance your productivity. LibreOffice includes several applications that make it the most versatile Free and Open Source office suite on the market: Writer (word processing), Calc (spreadsheets), Impress (presentations), Draw (vector graphics and flowcharts), Base (databases), and Math (formula editing). commands: - libreoffice.base - libreoffice.calc - libreoffice.draw - libreoffice.filebug - libreoffice.impress - libreoffice
[Desktop-packages] [Bug 1905344] Re: [snap] thunderbird seccomp profile missing a few syscalls
No visible user impact other than the noise, sorry for not mentioning this outright. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1905344 Title: [snap] thunderbird seccomp profile missing a few syscalls Status in thunderbird package in Ubuntu: New Bug description: Launching thunderbird's snap result in the following logs: Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.636:655): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:656): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:657): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:658): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:38 simon-lemur kernel: audit: type=1326 audit(1606180058.356:659): auid=1000 uid=1000 gid=1000 ses=2 pid=8512 comm=64636F6E6620776F726B6572 exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7f19894aa959 code=0x5 $ aa-decode 64636F6E6620776F726B6572 Decoded: dconf worker So syscall 203 (sys_sched_setaffinity?) and 314 (sys_sched_setattr?) are not permitted. Additional information: $ lsb_release -rd Description: Ubuntu 18.04.5 LTS Release: 18.04 $ uname -a Linux simon-lemur 5.4.0-53-generic #59~18.04.1-Ubuntu SMP Wed Oct 21 12:14:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ snap info thunderbird name: thunderbird summary: Mozilla Thunderbird email application publisher: Canonical✓ store-url: https://snapcraft.io/thunderbird contact: https://launchpad.net/distros/ubuntu/+source/thunderbird license: unset description: | Thunderbird is a free and open source email, newsfeed, chat, and calendaring client, that’s easy to set up and customize. One of the core principles of Thunderbird is the use and promotion of open standards - this focus is a rejection of our world of closed platforms and services that can’t communicate with each other. We want our users to have freedom and choice in how they communicate. commands: - thunderbird snap-id: k1Ml1O9GzSO2QftV0ZlWSbUfQ78nN460 tracking: latest/stable refresh-date: today at 20:00 EST channels: latest/stable:78.5.0 2020-11-18 (95) 69MB - latest/candidate: ↑ latest/beta: ↑ latest/edge: 78.5.0 2020-11-18 (95) 69MB - installed: 78.5.0(95) 69MB - To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1905344/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1905344] [NEW] [snap] thunderbird seccomp profile missing a few syscalls
Public bug reported: Launching thunderbird's snap result in the following logs: Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.636:655): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:656): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:657): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:658): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:38 simon-lemur kernel: audit: type=1326 audit(1606180058.356:659): auid=1000 uid=1000 gid=1000 ses=2 pid=8512 comm=64636F6E6620776F726B6572 exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7f19894aa959 code=0x5 $ aa-decode 64636F6E6620776F726B6572 Decoded: dconf worker So syscall 203 (sys_sched_setaffinity?) and 314 (sys_sched_setattr?) are not permitted. Additional information: $ lsb_release -rd Description:Ubuntu 18.04.5 LTS Release:18.04 $ uname -a Linux simon-lemur 5.4.0-53-generic #59~18.04.1-Ubuntu SMP Wed Oct 21 12:14:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ snap info thunderbird name: thunderbird summary: Mozilla Thunderbird email application publisher: Canonical✓ store-url: https://snapcraft.io/thunderbird contact: https://launchpad.net/distros/ubuntu/+source/thunderbird license: unset description: | Thunderbird is a free and open source email, newsfeed, chat, and calendaring client, that’s easy to set up and customize. One of the core principles of Thunderbird is the use and promotion of open standards - this focus is a rejection of our world of closed platforms and services that can’t communicate with each other. We want our users to have freedom and choice in how they communicate. commands: - thunderbird snap-id: k1Ml1O9GzSO2QftV0ZlWSbUfQ78nN460 tracking: latest/stable refresh-date: today at 20:00 EST channels: latest/stable:78.5.0 2020-11-18 (95) 69MB - latest/candidate: ↑ latest/beta: ↑ latest/edge: 78.5.0 2020-11-18 (95) 69MB - installed: 78.5.0(95) 69MB - ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1905344 Title: [snap] thunderbird seccomp profile missing a few syscalls Status in thunderbird package in Ubuntu: New Bug description: Launching thunderbird's snap result in the following logs: Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.636:655): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:656): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:657): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:658): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x5 Nov 23 20:07:38 simon-lemur kernel: audit: type=1326 audit(1606180058.356:659): auid=1000 uid=1000 gid=1000 ses=2 pid=8512 comm=64636F6E6620776F726B6572 exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c03e syscall=314 compat=0 ip=0x7f19894aa959 code=0x5 $ aa-decode 64636F6E6620776F726B6572 Decoded: dconf worker So syscall 203 (sys_sched_setaffinity?) and 314 (sys_sched_setattr?) are not permitted. Additional information: $ lsb_release -rd Description: Ubuntu 18.04.5 LTS Release: 18.04 $ uname -a Linux simon-lemur 5.4.0-53-generic #59~18.04.1-Ubuntu SMP Wed Oct 21 12:14:56
[Desktop-packages] [Bug 1890625] [NEW] chromium: missing syscalls whitelist from seccomp
Public bug reported: Whenever I start chromium's snap, I get the following messages: Aug 6 10:50:08 simon-lemur kernel: [10608.138795] audit: type=1326 audit(1596725407.998:159): auid=1000 uid=1000 gid=1000 ses=2 pid=32290 comm="chrome" exe="/snap/chromium/1244/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f8f31df4b9f code=0x5 ...{repeats 3 times}... Aug 6 10:50:08 simon-lemur org.gnome.Shell.desktop[3092]: WARNING: Kernel has no file descriptor comparison support: Operation not permitted Aug 6 10:50:08 simon-lemur kernel: [10608.433753] audit: type=1326 audit(1596725408.290:163): auid=1000 uid=1000 gid=1000 ses=2 pid=32290 comm="ThreadPoolForeg" exe="/snap/chromium/1244/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=312 compat=0 ip=0x7f8f2b614959 code=0x5 ...{repeats 4 times}... According to https://github.com/torvalds/linux/blob/master/arch/x86/entry/syscalls/syscall_64.tbl, it seems that syscall 203 is sys_sched_setaffinity and 312 is sys_kcmp. The blocking of sys_kcmp could probably explain the "WARNING: Kernel has no file descriptor comparison support: Operation not permitted" message from org.gnome.Shell.desktop. Additional information $ uname -a Linux simon-lemur 5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description:Ubuntu 18.04.4 LTS Release:18.04 $ apt-cache policy snapd snapd: Installed: 2.45.1+18.04.2 Candidate: 2.45.1+18.04.2 Version table: *** 2.45.1+18.04.2 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages 100 /var/lib/dpkg/status 2.32.5+18.04 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ store-url: https://snapcraft.io/chromium contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: latest/stable refresh-date: 7 days ago, at 11:45 EDT channels: latest/stable:84.0.4147.105 2020-07-30 (1244) 166MB - latest/candidate: 84.0.4147.105 2020-07-30 (1244) 166MB - latest/beta: 85.0.4183.49 2020-07-31 (1248) 167MB - latest/edge: 86.0.4221.3 2020-08-05 (1257) 167MB - installed: 84.0.4147.105(1244) 166MB - ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1890625 Title: chromium: missing syscalls whitelist from seccomp Status in chromium-browser package in Ubuntu: New Bug description: Whenever I start chromium's snap, I get the following messages: Aug 6 10:50:08 simon-lemur kernel: [10608.138795] audit: type=1326 audit(1596725407.998:159): auid=1000 uid=1000 gid=1000 ses=2 pid=32290 comm="chrome" exe="/snap/chromium/1244/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=203 compat=0 ip=0x7f8f31df4b9f code=0x5 ...{repeats 3 times}... Aug 6 10:50:08 simon-lemur org.gnome.Shell.desktop[3092]: WARNING: Kernel has no file descriptor comparison support: Operation not permitted Aug 6 10:50:08 simon-lemur kernel: [10608.433753] audit: type=1326 audit(1596725408.290:163): auid=1000 uid=1000 gid=1000 ses=2 pid=32290 comm="ThreadPoolForeg" exe="/snap/chromium/1244/usr/lib/chromium-browser/chrome" sig=0 arch=c03e syscall=312 compat=0 ip=0x7f8f2b614959 code=0x5 ...{repeats 4 times}... According to https://github.com/torvalds/linux/blob/master/arch/x86/entry/syscalls/syscall_64.tbl, it seems that syscall 203 is sys_sched_setaffinity and 312 is sys_kcmp. The blocking of sys_kcmp could probably explain the "WARNING: Kernel has no file descriptor comparison support: Operation not permitted" message from org.gnome.Shell.desktop. Additional information $ uname -a Linux simon-lemur 5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 18.04.4 LTS Release: 18.04 $ apt-cache policy snapd snapd: Installed: 2.45.1+18.04.2 Candidate: 2.45.1+18.04.2 Version table: *** 2.45.1+18.04.2 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages 100 /var/lib/dpkg/status 2.32.5+18.04 500 500
[Desktop-packages] [Bug 1860461] Re: libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client with error "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not a
Oops, it should have been LOW, not LEGACY. Here it is again to avoid any confusion: As a workaround, can you try lowering the profile from MEDIUM [1] to LOW [2]: sudo mkdir /etc/gnutls cat << EOF | sudo tee -a /etc/gnutls/config [overrides] default-priority-string = NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%PROFILE_LOW EOF 1: https://git.launchpad.net/ubuntu/+source/gnutls28/tree/debian/rules#n38 2: https://gnutls.org/manual/html_node/Selecting-cryptographic-key-sizes.html#Selecting-cryptographic-key-sizes -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1860461 Title: libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client with error "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough)." Status in evolution package in Ubuntu: Confirmed Status in gnome-online-accounts package in Ubuntu: Confirmed Status in gnutls28 package in Ubuntu: Incomplete Bug description: After upgrade to 20.04 package libgnutls30 broke pulseUI VPN client with the following error: "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough)." I had to revert the package to the 19.10 version (3.6.9-5ubuntu1) and to install 19.10 dependency libhogweed4 3.4.1-1 to fix it. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libgnutls30 3.6.9-5ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3 Uname: Linux 5.4.0-9-generic x86_64 ApportVersion: 2.20.11-0ubuntu15 Architecture: amd64 Date: Tue Jan 21 17:48:39 2020 InstallationDate: Installed on 2017-06-21 (943 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) SourcePackage: gnutls28 UpgradeStatus: Upgraded to focal on 2020-01-10 (10 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution/+bug/1860461/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1866974] Re: The Diffie-Hellman prime sent by the server is not acceptable
*** This bug is a duplicate of bug 1872778 *** https://bugs.launchpad.net/bugs/1872778 As a workaround, can you try lowering the profile from MEDIUM [1] to LOW [2]: sudo mkdir /etc/gnutls cat << EOF | sudo tee -a /etc/gnutls/config [overrides] default-priority-string = NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%PROFILE_LOW EOF 1: https://git.launchpad.net/ubuntu/+source/gnutls28/tree/debian/rules#n38 2: https://gnutls.org/manual/html_node/Selecting-cryptographic-key-sizes.html#Selecting-cryptographic-key-sizes -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1866974 Title: The Diffie-Hellman prime sent by the server is not acceptable Status in evolution package in Ubuntu: Confirmed Status in gnome-online-accounts package in Ubuntu: New Bug description: I can no longer connect to my ISP mail server. Works in previous version 19.10 "The reported error was “Failed to get capabilities: Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough).”." I've tried finding a workaround but so far no luck. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: evolution 3.35.92-1 ProcVersionSignature: Ubuntu 5.4.0-18.22-generic 5.4.24 Uname: Linux 5.4.0-18-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu20 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Wed Mar 11 11:07:01 2020 InstallationDate: Installed on 2020-03-03 (7 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Alpha amd64 (20200303) SourcePackage: evolution UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution/+bug/1866974/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1860461] Re: libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client with error "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not a
As a workaround, can you try lowering the profile from MEDIUM [1] to LEGACY: sudo mkdir /etc/gnutls cat << EOF | sudo tee -a /etc/gnutls/config [overrides] default-priority-string = NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%PROFILE_LEGACY EOF 1: https://git.launchpad.net/ubuntu/+source/gnutls28/tree/debian/rules#n38 ** Changed in: gnutls28 (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1860461 Title: libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client with error "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough)." Status in evolution package in Ubuntu: Confirmed Status in gnome-online-accounts package in Ubuntu: Confirmed Status in gnutls28 package in Ubuntu: Incomplete Bug description: After upgrade to 20.04 package libgnutls30 broke pulseUI VPN client with the following error: "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough)." I had to revert the package to the 19.10 version (3.6.9-5ubuntu1) and to install 19.10 dependency libhogweed4 3.4.1-1 to fix it. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libgnutls30 3.6.9-5ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3 Uname: Linux 5.4.0-9-generic x86_64 ApportVersion: 2.20.11-0ubuntu15 Architecture: amd64 Date: Tue Jan 21 17:48:39 2020 InstallationDate: Installed on 2017-06-21 (943 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) SourcePackage: gnutls28 UpgradeStatus: Upgraded to focal on 2020-01-10 (10 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution/+bug/1860461/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1860461] Re: libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client with error "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not a
** This bug is no longer a duplicate of bug 1872778 update-crypto-policies not affecting Gnome Online Accounts -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1860461 Title: libgnutls30 3.6.11.1-2ubuntu2 (Ubuntu 20.04) breaks pulseui client with error "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough)." Status in evolution package in Ubuntu: Confirmed Status in gnome-online-accounts package in Ubuntu: Confirmed Status in gnutls28 package in Ubuntu: Incomplete Bug description: After upgrade to 20.04 package libgnutls30 broke pulseUI VPN client with the following error: "Error performing TLS handshake: The Diffie-Hellman prime sent by the server is not acceptable (not long enough)." I had to revert the package to the 19.10 version (3.6.9-5ubuntu1) and to install 19.10 dependency libhogweed4 3.4.1-1 to fix it. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libgnutls30 3.6.9-5ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3 Uname: Linux 5.4.0-9-generic x86_64 ApportVersion: 2.20.11-0ubuntu15 Architecture: amd64 Date: Tue Jan 21 17:48:39 2020 InstallationDate: Installed on 2017-06-21 (943 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) SourcePackage: gnutls28 UpgradeStatus: Upgraded to focal on 2020-01-10 (10 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution/+bug/1860461/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1866369] [NEW] [snap] 80.0.3987.132 require new apparmor rules
Public bug reported: Since the snap upgrade to 80.0.3987.132, chromium keeps complaining about I/O errors that are apparently due to missing Apparmor rules. Here is what gets logged by "journalctl -f -o cat" when starting and closing chromium: AVC apparmor="DENIED" operation="unlink" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F4C6173742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="d" denied_mask="d" fsuid=1000 ouid=1000 AVC apparmor="DENIED" operation="rename_src" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F43757272656E742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="wd" denied_mask="wd" fsuid=1000 ouid=1000 audit: type=1400 audit(1583509664.429:3450): apparmor="DENIED" operation="unlink" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F4C6173742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="d" denied_mask="d" fsuid=1000 ouid=1000 audit: type=1400 audit(1583509664.429:3451): apparmor="DENIED" operation="rename_src" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F43757272656E742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="wd" denied_mask="wd" fsuid=1000 ouid=1000 AVC apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F4C6173742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000 AVC apparmor="DENIED" operation="unlink" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F43757272656E742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="d" denied_mask="d" fsuid=1000 ouid=1000 AVC apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F43757272656E742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000 audit: type=1400 audit(1583509664.433:3452): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F4C6173742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000 audit: type=1400 audit(1583509664.433:3453): apparmor="DENIED" operation="unlink" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F43757272656E742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="d" denied_mask="d" fsuid=1000 ouid=1000 audit: type=1400 audit(1583509664.433:3454): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name=2F686F6D652F7364657A69656C2F736E61702F6368726F6D69756D2F313034302F2E636F6E6669672F6368726F6D69756D2F44656661756C742F43757272656E742053657373696F6E pid=6794 comm="ThreadPoolForeg" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000 [6794:6794:0306/104744.442966:ERROR:browser_main_loop.cc(277)] Gtk: gtk_icon_info_load_symbolic_for_context: assertion 'icon_info != NULL' failed gdk_pixbuf_get_width: assertion 'GDK_IS_PIXBUF (pixbuf)' failed gdk_pixbuf_get_height: assertion 'GDK_IS_PIXBUF (pixbuf)' failed [6794:6794:0306/104744.443908:ERROR:browser_main_loop.cc(277)] Gtk: gtk_icon_info_load_symbolic_for_context: assertion 'icon_info != NULL' failed gdk_pixbuf_get_width: assertion 'GDK_IS_PIXBUF (pixbuf)' failed gdk_pixbuf_get_height: assertion 'GDK_IS_PIXBUF (pixbuf)' failed [6794:6794:0306/104744.52:ERROR:browser_main_loop.cc(277)] Gtk: gtk_icon_info_load_symbolic_for_context: assertion 'icon_info != NULL' failed gdk_pixbuf_get_width: assertion 'GDK_IS_PIXBUF (pixbuf)' failed gdk_pixbuf_get_height: assertion 'GDK_IS_PIXBUF (pixbuf)' failed Opening in existing browser session. AVC apparmor="DENIED" operation="truncate" profile="snap.chromium.chromium" name="/home/sdeziel/snap/chromium/1040/.config/chromium/Default/History-journal" pid=6794 comm="Chrome_HistoryT" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 [6794:6937:0306/104744.470760:ERROR:database.cc(1584)] History sqlite error 1546, errno 0: disk I/O error, sql: SELECT segment_id, time_slot, visit_count FROM segment_usage WHERE time_slot >= ? ORDER BY segment_id audit: type=1400 audit(1583509664.465:3455):
[Desktop-packages] [Bug 1862262] Re: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name
So this bug will be fixed when snapd's 2.43 SRU goes through. I appreciate the pointer for the gpu-process sanboxing problem and its workaround! Many thanks Jalon! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1862262 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name Status in chromium-browser package in Ubuntu: New Bug description: When starting chromium's snap, those messages are logged: Feb 6 12:34:17 foo kernel: [106190.836260] audit: type=1400 audit(1581010457.097:1372): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/sys_vendor" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo kernel: [106190.836401] audit: type=1400 audit(1581010457.097:1373): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/product_name" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo chromium_chromium.desktop[20044]: [20191:20191:0206/123417.177438:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process. Chromium seemingly behaves OK but possibly with reduced sandboxing? Additional info: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: stable refresh-date: yesterday at 17:45 EST channels: stable:80.0.3987.87 2020-02-05 (1016) 160MB - candidate: 80.0.3987.87 2020-02-05 (1016) 160MB - beta: 80.0.3987.85 2020-02-04 (1014) 160MB - edge: 81.0.4040.5 2020-02-06 (1018) 161MB - installed: 80.0.3987.87(1016) 160MB - $ uname -a Linux simon-lemur 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 18.04.4 LTS Release: 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1862262/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1862262] Re: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name
** Tags added: snap -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1862262 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name Status in chromium-browser package in Ubuntu: New Bug description: When starting chromium's snap, those messages are logged: Feb 6 12:34:17 foo kernel: [106190.836260] audit: type=1400 audit(1581010457.097:1372): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/sys_vendor" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo kernel: [106190.836401] audit: type=1400 audit(1581010457.097:1373): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/product_name" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo chromium_chromium.desktop[20044]: [20191:20191:0206/123417.177438:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process. Chromium seemingly behaves OK but possibly with reduced sandboxing? Additional info: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: stable refresh-date: yesterday at 17:45 EST channels: stable:80.0.3987.87 2020-02-05 (1016) 160MB - candidate: 80.0.3987.87 2020-02-05 (1016) 160MB - beta: 80.0.3987.85 2020-02-04 (1014) 160MB - edge: 81.0.4040.5 2020-02-06 (1018) 161MB - installed: 80.0.3987.87(1016) 160MB - $ uname -a Linux simon-lemur 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 18.04.4 LTS Release: 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1862262/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1862262] [NEW] [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name
Public bug reported: When starting chromium's snap, those messages are logged: Feb 6 12:34:17 foo kernel: [106190.836260] audit: type=1400 audit(1581010457.097:1372): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/sys_vendor" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo kernel: [106190.836401] audit: type=1400 audit(1581010457.097:1373): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/product_name" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo chromium_chromium.desktop[20044]: [20191:20191:0206/123417.177438:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process. Chromium seemingly behaves OK but possibly with reduced sandboxing? Additional info: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: stable refresh-date: yesterday at 17:45 EST channels: stable:80.0.3987.87 2020-02-05 (1016) 160MB - candidate: 80.0.3987.87 2020-02-05 (1016) 160MB - beta: 80.0.3987.85 2020-02-04 (1014) 160MB - edge: 81.0.4040.5 2020-02-06 (1018) 161MB - installed: 80.0.3987.87(1016) 160MB - $ uname -a Linux simon-lemur 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description:Ubuntu 18.04.4 LTS Release:18.04 ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1862262 Title: [snap] apparmor denials on /sys/devices/virtual/dmi/id/sys_vendor and product_name Status in chromium-browser package in Ubuntu: New Bug description: When starting chromium's snap, those messages are logged: Feb 6 12:34:17 foo kernel: [106190.836260] audit: type=1400 audit(1581010457.097:1372): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/sys_vendor" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo kernel: [106190.836401] audit: type=1400 audit(1581010457.097:1373): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/sys/devices/virtual/dmi/id/product_name" pid=20044 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Feb 6 12:34:17 foo chromium_chromium.desktop[20044]: [20191:20191:0206/123417.177438:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process. Chromium seemingly behaves OK but possibly with reduced sandboxing? Additional info: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: stable refresh-date: yesterday at 17:45 EST channels: stable:80.0.3987.87 2020-02-05 (1016) 160MB - candidate: 80.0.3987.87 2020-02-05 (1016) 160MB - beta: 80.0.3987.85 2020-02-04 (1014) 160MB - edge: 81.0.4040.5 2020-02-06 (1018) 161MB - installed: 80.0.3987.87(1016) 160MB - $ uname -a Linux simon-lemur 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -rd Description: Ubuntu 18.04.4 LTS Release: 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1862262/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 1718227] Re: replacement of ifupdown with netplan needs integration for /etc/network/if{up, down}.d scripts
On 2019-12-11 12:33 p.m., Rafael David Tinoco wrote: > For openvpn + systemd-resolve: > > With "up / down" openvpn config file commands you can wrap "systemd- > resolve --set-dns=XXX" and update the given DNS servers. There's a package for that: openvpn-systemd-resolved -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1718227 Title: replacement of ifupdown with netplan needs integration for /etc/network/if{up,down}.d scripts Status in aiccu package in Ubuntu: Invalid Status in aoetools package in Ubuntu: New Status in avahi package in Ubuntu: New Status in bind9 package in Ubuntu: Invalid Status in chrony package in Ubuntu: Fix Released Status in clamav package in Ubuntu: Triaged Status in controlaula package in Ubuntu: Invalid Status in ethtool package in Ubuntu: Triaged Status in guidedog package in Ubuntu: New Status in htpdate package in Ubuntu: New Status in ifenslave package in Ubuntu: Won't Fix Status in ifmetric package in Ubuntu: Won't Fix Status in ifupdown-multi package in Ubuntu: New Status in ifupdown-scripts-zg2 package in Ubuntu: Invalid Status in isatapd package in Ubuntu: New Status in lprng package in Ubuntu: New Status in miredo package in Ubuntu: New Status in mythtv package in Ubuntu: New Status in nplan package in Ubuntu: New Status in nss-pam-ldapd package in Ubuntu: New Status in ntp package in Ubuntu: Won't Fix Status in openntpd package in Ubuntu: New Status in openresolv package in Ubuntu: Won't Fix Status in openssh package in Ubuntu: Fix Released Status in openvpn package in Ubuntu: Confirmed Status in openvswitch package in Ubuntu: Triaged Status in postfix package in Ubuntu: New Status in quicktun package in Ubuntu: New Status in resolvconf package in Ubuntu: New Status in sendmail package in Ubuntu: New Status in shorewall-init package in Ubuntu: New Status in sidedoor package in Ubuntu: New Status in slrn package in Ubuntu: New Status in tinc package in Ubuntu: New Status in ubuntu-fan package in Ubuntu: Fix Released Status in ucarp package in Ubuntu: New Status in uml-utilities package in Ubuntu: New Status in uruk package in Ubuntu: New Status in vlan package in Ubuntu: Won't Fix Status in vzctl package in Ubuntu: Triaged Status in wide-dhcpv6 package in Ubuntu: New Status in wpa package in Ubuntu: New Bug description: when network is configured with ifupdown, scripts in /etc/network/ifup.d/ were called on network being brought up and /etc/network/ifdown.d were called on network being brought down. Any packages that shipped these hooks need to be verified to have the same functionality under a netplan configured system. # binpkgs=$(apt-file search /etc/network/if-up | sed 's,: .*,,' | sort -u) # for i in $binpkgs; do src=$(apt-cache show $i | awk '$1 == "Source:" { print $2; exit(0); }'); [ -z "$src" ] && src="$i"; echo $src; done | sort -u aiccu aoetools avahi bind9 chrony clamav controlaula epoptes ethtool guidedog htpdate ifenslave ifmetric ifupdown-extra ifupdown-multi ifupdown-scripts-zg2 isatapd lprng miredo mythtv-backend nss-pam-ldapd ntp openntpd openresolv openssh openvpn postfix quicktun resolvconf sendmail shorewall-init sidedoor slrn tinc ubuntu-fan ucarp uml-utilities uruk vlan vzctl wide-dhcpv6 wpa Related bugs: * bug 1718227: replacement of ifupdown with netplan needs integration for /etc/network/if{up,down}.d scripts * bug 1713803: replacement of resolvconf with systemd needs integration * bug 1717983: replacement of isc-dhcp-client with with systemd-networkd for dhclient needs integration ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: netplan (not installed) ProcVersionSignature: Ubuntu 4.12.0-11.12-generic 4.12.5 Uname: Linux 4.12.0-11-generic x86_64 NonfreeKernelModules: zfs zunicode zavl zcommon znvpair ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CurrentDesktop: GNOME Date: Tue Sep 19 10:53:08 2017 EcryptfsInUse: Yes InstallationDate: Installed on 2015-07-23 (789 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150722.1) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: plan UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aiccu/+bug/1718227/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 1718227] Re: replacement of ifupdown with netplan needs integration for /etc/network/if{up, down}.d scripts
On 2019-12-11 12:33 p.m., Rafael David Tinoco wrote: > For openvpn + systemd-resolve: > > With "up / down" openvpn config file commands you can wrap "systemd- > resolve --set-dns=XXX" and update the given DNS servers. There's a package for that: openvpn-systemd-resolved -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1718227 Title: replacement of ifupdown with netplan needs integration for /etc/network/if{up,down}.d scripts Status in aiccu package in Ubuntu: Invalid Status in aoetools package in Ubuntu: New Status in avahi package in Ubuntu: New Status in bind9 package in Ubuntu: Invalid Status in chrony package in Ubuntu: Fix Released Status in clamav package in Ubuntu: Triaged Status in controlaula package in Ubuntu: Invalid Status in ethtool package in Ubuntu: Triaged Status in guidedog package in Ubuntu: New Status in htpdate package in Ubuntu: New Status in ifenslave package in Ubuntu: Won't Fix Status in ifmetric package in Ubuntu: Won't Fix Status in ifupdown-multi package in Ubuntu: New Status in ifupdown-scripts-zg2 package in Ubuntu: Invalid Status in isatapd package in Ubuntu: New Status in lprng package in Ubuntu: New Status in miredo package in Ubuntu: New Status in mythtv package in Ubuntu: New Status in nplan package in Ubuntu: New Status in nss-pam-ldapd package in Ubuntu: New Status in ntp package in Ubuntu: Won't Fix Status in openntpd package in Ubuntu: New Status in openresolv package in Ubuntu: Won't Fix Status in openssh package in Ubuntu: Fix Released Status in openvpn package in Ubuntu: Confirmed Status in openvswitch package in Ubuntu: Triaged Status in postfix package in Ubuntu: New Status in quicktun package in Ubuntu: New Status in resolvconf package in Ubuntu: New Status in sendmail package in Ubuntu: New Status in shorewall-init package in Ubuntu: New Status in sidedoor package in Ubuntu: New Status in slrn package in Ubuntu: New Status in tinc package in Ubuntu: New Status in ubuntu-fan package in Ubuntu: Fix Released Status in ucarp package in Ubuntu: New Status in uml-utilities package in Ubuntu: New Status in uruk package in Ubuntu: New Status in vlan package in Ubuntu: Won't Fix Status in vzctl package in Ubuntu: Triaged Status in wide-dhcpv6 package in Ubuntu: New Status in wpa package in Ubuntu: New Bug description: when network is configured with ifupdown, scripts in /etc/network/ifup.d/ were called on network being brought up and /etc/network/ifdown.d were called on network being brought down. Any packages that shipped these hooks need to be verified to have the same functionality under a netplan configured system. # binpkgs=$(apt-file search /etc/network/if-up | sed 's,: .*,,' | sort -u) # for i in $binpkgs; do src=$(apt-cache show $i | awk '$1 == "Source:" { print $2; exit(0); }'); [ -z "$src" ] && src="$i"; echo $src; done | sort -u aiccu aoetools avahi bind9 chrony clamav controlaula epoptes ethtool guidedog htpdate ifenslave ifmetric ifupdown-extra ifupdown-multi ifupdown-scripts-zg2 isatapd lprng miredo mythtv-backend nss-pam-ldapd ntp openntpd openresolv openssh openvpn postfix quicktun resolvconf sendmail shorewall-init sidedoor slrn tinc ubuntu-fan ucarp uml-utilities uruk vlan vzctl wide-dhcpv6 wpa Related bugs: * bug 1718227: replacement of ifupdown with netplan needs integration for /etc/network/if{up,down}.d scripts * bug 1713803: replacement of resolvconf with systemd needs integration * bug 1717983: replacement of isc-dhcp-client with with systemd-networkd for dhclient needs integration ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: netplan (not installed) ProcVersionSignature: Ubuntu 4.12.0-11.12-generic 4.12.5 Uname: Linux 4.12.0-11-generic x86_64 NonfreeKernelModules: zfs zunicode zavl zcommon znvpair ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CurrentDesktop: GNOME Date: Tue Sep 19 10:53:08 2017 EcryptfsInUse: Yes InstallationDate: Installed on 2015-07-23 (789 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150722.1) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: plan UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aiccu/+bug/1718227/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1718227] Re: replacement of ifupdown with netplan needs integration for /etc/network/if{up, down}.d scripts
> For openvpn + systemd-resolve: > > With "up / down" openvpn config file commands you can wrap "systemd- > resolve --set-dns=XXX" and update the given DNS servers. There's a package for that: openvpn-systemd-resolved -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1718227 Title: replacement of ifupdown with netplan needs integration for /etc/network/if{up,down}.d scripts Status in aiccu package in Ubuntu: Invalid Status in aoetools package in Ubuntu: New Status in avahi package in Ubuntu: New Status in bind9 package in Ubuntu: Invalid Status in chrony package in Ubuntu: Fix Released Status in clamav package in Ubuntu: Triaged Status in controlaula package in Ubuntu: Invalid Status in ethtool package in Ubuntu: Triaged Status in guidedog package in Ubuntu: New Status in htpdate package in Ubuntu: New Status in ifenslave package in Ubuntu: Won't Fix Status in ifmetric package in Ubuntu: Won't Fix Status in ifupdown-multi package in Ubuntu: New Status in ifupdown-scripts-zg2 package in Ubuntu: Invalid Status in isatapd package in Ubuntu: New Status in lprng package in Ubuntu: New Status in miredo package in Ubuntu: New Status in mythtv package in Ubuntu: New Status in nplan package in Ubuntu: New Status in nss-pam-ldapd package in Ubuntu: New Status in ntp package in Ubuntu: Won't Fix Status in openntpd package in Ubuntu: New Status in openresolv package in Ubuntu: Won't Fix Status in openssh package in Ubuntu: Fix Released Status in openvpn package in Ubuntu: Confirmed Status in openvswitch package in Ubuntu: Triaged Status in postfix package in Ubuntu: New Status in quicktun package in Ubuntu: New Status in resolvconf package in Ubuntu: New Status in sendmail package in Ubuntu: New Status in shorewall-init package in Ubuntu: New Status in sidedoor package in Ubuntu: New Status in slrn package in Ubuntu: New Status in tinc package in Ubuntu: New Status in ubuntu-fan package in Ubuntu: Fix Released Status in ucarp package in Ubuntu: New Status in uml-utilities package in Ubuntu: New Status in uruk package in Ubuntu: New Status in vlan package in Ubuntu: Won't Fix Status in vzctl package in Ubuntu: Triaged Status in wide-dhcpv6 package in Ubuntu: New Status in wpa package in Ubuntu: New Bug description: when network is configured with ifupdown, scripts in /etc/network/ifup.d/ were called on network being brought up and /etc/network/ifdown.d were called on network being brought down. Any packages that shipped these hooks need to be verified to have the same functionality under a netplan configured system. # binpkgs=$(apt-file search /etc/network/if-up | sed 's,: .*,,' | sort -u) # for i in $binpkgs; do src=$(apt-cache show $i | awk '$1 == "Source:" { print $2; exit(0); }'); [ -z "$src" ] && src="$i"; echo $src; done | sort -u aiccu aoetools avahi bind9 chrony clamav controlaula epoptes ethtool guidedog htpdate ifenslave ifmetric ifupdown-extra ifupdown-multi ifupdown-scripts-zg2 isatapd lprng miredo mythtv-backend nss-pam-ldapd ntp openntpd openresolv openssh openvpn postfix quicktun resolvconf sendmail shorewall-init sidedoor slrn tinc ubuntu-fan ucarp uml-utilities uruk vlan vzctl wide-dhcpv6 wpa Related bugs: * bug 1718227: replacement of ifupdown with netplan needs integration for /etc/network/if{up,down}.d scripts * bug 1713803: replacement of resolvconf with systemd needs integration * bug 1717983: replacement of isc-dhcp-client with with systemd-networkd for dhclient needs integration ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: netplan (not installed) ProcVersionSignature: Ubuntu 4.12.0-11.12-generic 4.12.5 Uname: Linux 4.12.0-11-generic x86_64 NonfreeKernelModules: zfs zunicode zavl zcommon znvpair ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CurrentDesktop: GNOME Date: Tue Sep 19 10:53:08 2017 EcryptfsInUse: Yes InstallationDate: Installed on 2015-07-23 (789 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150722.1) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: plan UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aiccu/+bug/1718227/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1828275] [NEW] [snap] chromium generates a lot of Apparmor noise
Public bug reported: Running Chromium's snap result in a lot of Apparmor noise like this: audit: type=1400 audit(0): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/mount/utab" pid=0 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(0): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/udev/data/b230:0" pid=0 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 The above and the attached log was collected with: journalctl -o cat -k | grep -F ' apparmor="DENIED" ' | grep -F snap.chromium.chromium | sed 's/ audit([0-9.:]\+): / audit(0): /; s/ pid=[0-9]\+ / pid=0 /' | sort Additional information: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: edge refresh-date: 11 days ago, at 12:08 EDT channels: stable:74.0.3729.131 2019-05-02 (705) 162MB - candidate: 74.0.3729.131 2019-05-01 (705) 162MB - beta: 74.0.3729.61 2019-04-06 (688) 162MB - edge: 75.0.3770.9 2019-04-27 (703) 163MB - installed: 75.0.3770.9 (703) 163MB - $ snap interfaces chromium SlotPlug :browser-supportchromium:browser-sandbox :camera chromium :desktopchromium :gsettings chromium :home chromium :networkchromium :network-bind chromium :opengl chromium :personal-files chromium:chromium-config :pulseaudio chromium :screen-inhibit-control chromium :u2f-deviceschromium :unity7 chromium :upower-observe chromium :x11chromium gtk-common-themes:gtk-3-themes chromium gtk-common-themes:icon-themes chromium gtk-common-themes:sound-themes chromium - chromium:cups-control - chromium:mount-observe - chromium:network-manager - chromium:password-manager-service - chromium:removable-media $ apt-cache policy snapd snapd: Installed: 2.38+18.04 Candidate: 2.38+18.04 Version table: *** 2.38+18.04 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 100 /var/lib/dpkg/status 2.37.4+18.04.1 500 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages 2.32.5+18.04 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages $ lsb_release -rd Description:Ubuntu 18.04.2 LTS Release:18.04 ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New ** Attachment added: "chromium-snap-apparmor.log" https://bugs.launchpad.net/bugs/1828275/+attachment/5262389/+files/chromium-snap-apparmor.log -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1828275 Title: [snap] chromium generates a lot of Apparmor noise Status in chromium-browser package in Ubuntu: New Bug description: Running Chromium's snap result in a lot of Apparmor noise like this: audit: type=1400 audit(0): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/mount/utab" pid=0 comm="chrome" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 audit: type=1400 audit(0): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/udev/data/b230:0" pid=0 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 The above and the attached log was collected with: journalctl -o cat -k | grep -F ' apparmor="DENIED" ' | grep -F snap.chromium.chromium | sed 's/ audit([0-9.:]\+): / audit(0): /; s/ pid=[0-9]\+ / pid=0 /' | sort Additional information: $ snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: edge
[Desktop-packages] [Bug 1817329] Re: [snap] update hides the running browser
** Tags added: snap -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1817329 Title: [snap] update hides the running browser Status in chromium-browser package in Ubuntu: New Bug description: Problem description: I had a couple of tabs open in incognito mode and the Chromium window was minimized/didn't had the focus. Suddenly, the desktop icon vanished then reappeared, but the new icon indicated that Chromium was not running (no "dot"/running indicator next to the icon) so I couldn't get to my old tabs/session. Steps to reproduce: 1) install chromium from snap snap install chromium 2) open chromium in incognito mode 3) open a site in a tab 4) minimize the browser 5) wait for snap to refresh the chromium version 6) notice that you can't access the browser executing from the old snap version as it's no longer visible from the launcher, only the new one is there Workaround: 1) start chromium from the new snap 2) open the "task manager" 3) double-click on one of the process tied to an old tab from the previous snap version Additional information: # snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: edge refresh-date: today at 08:39 EST channels: stable:72.0.3626.96 2019-02-13 (595) 153MB - candidate: 72.0.3626.109 2019-02-15 (606) 153MB - beta: 73.0.3683.46 2019-02-21 (618) 153MB - edge: 74.0.3710.0 2019-02-21 (617) 154MB - installed: 74.0.3710.0 (617) 154MB - # dpkg -l snapd | grep snap ii snapd 2.37.1.1+18.04 amd64Daemon and tooling that enable snap packages # lsb_release -rd Description: Ubuntu 18.04.2 LTS Release: 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1817329/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1817329] [NEW] [snap] update hides the running browser
Public bug reported: Problem description: I had a couple of tabs open in incognito mode and the Chromium window was minimized/didn't had the focus. Suddenly, the desktop icon vanished then reappeared, but the new icon indicated that Chromium was not running (no "dot"/running indicator next to the icon) so I couldn't get to my old tabs/session. Steps to reproduce: 1) install chromium from snap snap install chromium 2) open chromium in incognito mode 3) open a site in a tab 4) minimize the browser 5) wait for snap to refresh the chromium version 6) notice that you can't access the browser executing from the old snap version as it's no longer visible from the launcher, only the new one is there Workaround: 1) start chromium from the new snap 2) open the "task manager" 3) double-click on one of the process tied to an old tab from the previous snap version Additional information: # snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: edge refresh-date: today at 08:39 EST channels: stable:72.0.3626.96 2019-02-13 (595) 153MB - candidate: 72.0.3626.109 2019-02-15 (606) 153MB - beta: 73.0.3683.46 2019-02-21 (618) 153MB - edge: 74.0.3710.0 2019-02-21 (617) 154MB - installed: 74.0.3710.0 (617) 154MB - # dpkg -l snapd | grep snap ii snapd 2.37.1.1+18.04 amd64Daemon and tooling that enable snap packages # lsb_release -rd Description:Ubuntu 18.04.2 LTS Release:18.04 ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New ** Tags: snap -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1817329 Title: [snap] update hides the running browser Status in chromium-browser package in Ubuntu: New Bug description: Problem description: I had a couple of tabs open in incognito mode and the Chromium window was minimized/didn't had the focus. Suddenly, the desktop icon vanished then reappeared, but the new icon indicated that Chromium was not running (no "dot"/running indicator next to the icon) so I couldn't get to my old tabs/session. Steps to reproduce: 1) install chromium from snap snap install chromium 2) open chromium in incognito mode 3) open a site in a tab 4) minimize the browser 5) wait for snap to refresh the chromium version 6) notice that you can't access the browser executing from the old snap version as it's no longer visible from the launcher, only the new one is there Workaround: 1) start chromium from the new snap 2) open the "task manager" 3) double-click on one of the process tied to an old tab from the previous snap version Additional information: # snap info chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: edge refresh-date: today at 08:39 EST channels: stable:72.0.3626.96 2019-02-13 (595) 153MB - candidate: 72.0.3626.109 2019-02-15 (606) 153MB - beta: 73.0.3683.46 2019-02-21 (618) 153MB - edge: 74.0.3710.0 2019-02-21 (617) 154MB - installed: 74.0.3710.0 (617) 154MB - # dpkg -l snapd | grep snap ii snapd 2.37.1.1+18.04 amd64Daemon and tooling that enable snap packages # lsb_release -rd Description: Ubuntu 18.04.2 LTS Release: 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1817329/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1808576] [NEW] gnome-control-center segfaults when unit bolt.service is masked
Public bug reported: I don't have any Thunderbolt devices so I masked the unused the bolt.service. This causes problem with gnome-control-center. Steps to reproduce: 1) launch gnome-control-center $ gnome-control-center 2) navigate to Thunderbolt section go to Devices, then Thunderbolt and close gnome-control-center 3) mask bold.service $ sudo systemctl stop bolt.service $ sudo systemctl mask bolt.service 4) re-launch gnome-control-center $ gnome-control-center (gnome-control-center:21859): thunderbolt-cc-panel-WARNING **: 14:04:53.423: Could not create client: Error calling StartServiceByName for org.freedesktop.bolt: GDBus.Error:org.freedesktop.systemd1.UnitMasked: Unit bolt.service is masked. Segmentation fault (core dumped) Expected result: no segfault. Additional information: $ lsb_release -rd Description:Ubuntu 18.04.1 LTS Release:18.04 $ apt-cache policy gnome-control-center bolt gnome-control-center: Installed: 1:3.28.2-0ubuntu0.18.04.2 Candidate: 1:3.28.2-0ubuntu0.18.04.2 Version table: *** 1:3.28.2-0ubuntu0.18.04.2 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 100 /var/lib/dpkg/status 1:3.28.1-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages bolt: Installed: 0.5-0ubuntu0.18.04.1 Candidate: 0.5-0ubuntu0.18.04.1 Version table: *** 0.5-0ubuntu0.18.04.1 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 100 /var/lib/dpkg/status 0.2-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-control-center 1:3.28.2-0ubuntu0.18.04.2 ProcVersionSignature: Ubuntu 4.15.0-43.46-generic 4.15.18 Uname: Linux 4.15.0-43-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.9-0ubuntu7.5 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Fri Dec 14 14:05:26 2018 InstallationDate: Installed on 2018-07-15 (152 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180714) ProcEnviron: LANG=en_CA.UTF-8 TERM=xterm-256color SHELL=/bin/bash XDG_RUNTIME_DIR= PATH=(custom, no user) SourcePackage: gnome-control-center UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: gnome-control-center (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic third-party-packages -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-control-center in Ubuntu. https://bugs.launchpad.net/bugs/1808576 Title: gnome-control-center segfaults when unit bolt.service is masked Status in gnome-control-center package in Ubuntu: New Bug description: I don't have any Thunderbolt devices so I masked the unused the bolt.service. This causes problem with gnome-control-center. Steps to reproduce: 1) launch gnome-control-center $ gnome-control-center 2) navigate to Thunderbolt section go to Devices, then Thunderbolt and close gnome-control-center 3) mask bold.service $ sudo systemctl stop bolt.service $ sudo systemctl mask bolt.service 4) re-launch gnome-control-center $ gnome-control-center (gnome-control-center:21859): thunderbolt-cc-panel-WARNING **: 14:04:53.423: Could not create client: Error calling StartServiceByName for org.freedesktop.bolt: GDBus.Error:org.freedesktop.systemd1.UnitMasked: Unit bolt.service is masked. Segmentation fault (core dumped) Expected result: no segfault. Additional information: $ lsb_release -rd Description: Ubuntu 18.04.1 LTS Release: 18.04 $ apt-cache policy gnome-control-center bolt gnome-control-center: Installed: 1:3.28.2-0ubuntu0.18.04.2 Candidate: 1:3.28.2-0ubuntu0.18.04.2 Version table: *** 1:3.28.2-0ubuntu0.18.04.2 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 100 /var/lib/dpkg/status 1:3.28.1-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages bolt: Installed: 0.5-0ubuntu0.18.04.1 Candidate: 0.5-0ubuntu0.18.04.1 Version table: *** 0.5-0ubuntu0.18.04.1 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 100 /var/lib/dpkg/status 0.2-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-control-center 1:3.28.2-0ubuntu0.18.04.2 ProcVersionSignature: Ubuntu 4.15.0-43.46-generic 4.15.18 Uname: Linux 4.15.0-43-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.9-0ubuntu7.5 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Fri Dec 14 14:05:26 2018 InstallationDate: Installed on 2018-07-15 (152 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release
[Desktop-packages] [Bug 1799993] Re: Firefox Segfaults
Thanks for confirming with version 63. In the apport report from version 62.0.3 there was: [68851.399630] firefox[9800]: unhandled signal 11 at nip 0954e70ece40 lr 0954e70ed414 code 1 I'd check if that's still the case with version 63. Attaching a fresh apport report might be useful. Unfortunately, I won't be able to assist you but I'm sure someone will look into this. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/173 Title: Firefox Segfaults Status in firefox package in Ubuntu: Incomplete Bug description: $ uname -a Linux sams-voo-sandbox-bigbro 4.15.0-38-generic #41-Ubuntu SMP Wed Oct 10 10:57:45 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux $ lsb_release -rd Description:Ubuntu 18.04.1 LTS Release:18.04 $ apt-cache policy firefox firefox: Installed: 62.0.3+build1-0ubuntu0.18.04.1 Candidate: 62.0.3+build1-0ubuntu0.18.04.1 Version table: *** 62.0.3+build1-0ubuntu0.18.04.1 500 500 http://ports.ubuntu.com/ubuntu-ports bionic-updates/main ppc64el Packages 500 http://ports.ubuntu.com/ubuntu-ports bionic-security/main ppc64el Packages 100 /var/lib/dpkg/status 59.0.2+build1-0ubuntu1 500 500 http://ports.ubuntu.com/ubuntu-ports bionic/main ppc64el Packages $ firefox -v Mozilla Firefox 62.0.3 $ firefox --safe-mode Segmentation fault $ firefox --headless *** You are running in headless mode. Segmentation fault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/173/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1799993] Re: Firefox Segfaults
@aixguy, Firefox got an update recently so version 63 should be available. Would you mind checking if this new version also segfaults? ** Changed in: firefox (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/173 Title: Firefox Segfaults Status in firefox package in Ubuntu: Incomplete Bug description: $ uname -a Linux sams-voo-sandbox-bigbro 4.15.0-38-generic #41-Ubuntu SMP Wed Oct 10 10:57:45 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux $ lsb_release -rd Description:Ubuntu 18.04.1 LTS Release:18.04 $ apt-cache policy firefox firefox: Installed: 62.0.3+build1-0ubuntu0.18.04.1 Candidate: 62.0.3+build1-0ubuntu0.18.04.1 Version table: *** 62.0.3+build1-0ubuntu0.18.04.1 500 500 http://ports.ubuntu.com/ubuntu-ports bionic-updates/main ppc64el Packages 500 http://ports.ubuntu.com/ubuntu-ports bionic-security/main ppc64el Packages 100 /var/lib/dpkg/status 59.0.2+build1-0ubuntu1 500 500 http://ports.ubuntu.com/ubuntu-ports bionic/main ppc64el Packages $ firefox -v Mozilla Firefox 62.0.3 $ firefox --safe-mode Segmentation fault $ firefox --headless *** You are running in headless mode. Segmentation fault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/173/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 794036] Re: Unable to open pages from www.twitter.com
Thanks Jan for confirming it was fixed! ** Changed in: firefox (Ubuntu) Status: Incomplete => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/794036 Title: Unable to open pages from www.twitter.com Status in firefox package in Ubuntu: Fix Released Bug description: Binary package hint: firefox I am unable to access any pages including my login page on www.twitter.com, have settings to allow, but to no avail, using Ubuntu 10.04 ProblemType: Bug DistroRelease: Ubuntu 10.10 Package: firefox 3.6.17+build3+nobinonly-0ubuntu0.10.10.1 ProcVersionSignature: Ubuntu 2.6.35-28.50-generic 2.6.35.11 Uname: Linux 2.6.35-28-generic i686 Architecture: i386 Date: Tue Jun 7 15:27:51 2011 FirefoxPackages: firefox 3.6.17+build3+nobinonly-0ubuntu0.10.10.1 firefox-gnome-support 3.6.17+build3+nobinonly-0ubuntu0.10.10.1 firefox-branding 3.6.17+build3+nobinonly-0ubuntu0.10.10.1 abroswer N/A abrowser-branding N/A InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release i386 (20101007) ProcEnviron: LANG=en_ZA.UTF-8 SHELL=/bin/bash SourcePackage: firefox To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/794036/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1578853] Re: Firefox blotchy graphics in Google Maps
@David, thanks for the feedback! ** Changed in: firefox (Ubuntu) Status: Incomplete => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1578853 Title: Firefox blotchy graphics in Google Maps Status in firefox package in Ubuntu: Fix Released Bug description: Google maps are displayed in Firefox with blotches. It can take a few seconds for the blotches to stablize. It occurs both with the symbolic maps and the satellite images, and typically gets worse with more zoomed-in views. The blotches seem to be rather random. I don't have a problem with any other kind of graphics or video, Firefox or otherwise. I will attach or otherwise post three example screenshots. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: firefox 46.0+build5-0ubuntu0.14.04.2 ProcVersionSignature: Ubuntu 3.13.0-85.129-generic 3.13.11-ckt36 Uname: Linux 3.13.0-85-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.14.1-0ubuntu3.19 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: circ 2432 F pulseaudio /dev/snd/controlC1: circ 2432 F pulseaudio /dev/snd/controlC0: circ 2432 F pulseaudio BuildID: 20160425115534 Channel: Unavailable CurrentDesktop: Unity Date: Thu May 5 15:45:29 2016 DefaultProfileExtensions: extensions.sqlite corrupt or missing DefaultProfileIncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) DefaultProfileLocales: extensions.sqlite corrupt or missing DefaultProfilePrefSources: prefs.js [Profile]/extensions/{6AC85730-7D0F-4de0-B3FA-21142DD85326}/defaults/preferences/colorzilla.js DefaultProfileThemes: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback InstallationDate: Installed on 2014-07-30 (645 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) IpRoute: default via 192.168.3.1 dev eth0 proto static 192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.181 metric 1 MostRecentCrashID: bp-3e82e56c-e5b2-4cb6-9b4b-fbc4d2160505 Profile1Extensions: extensions.sqlite corrupt or missing Profile1IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Profile1Locales: extensions.sqlite corrupt or missing Profile1PrefSources: prefs.js Profile1Themes: extensions.sqlite corrupt or missing Profiles: Profile0 (Default) - LastVersion=46.0/20160425115534 (In use) Profile1 - LastVersion=46.0/20160425115534 RelatedPackageVersions: totem-mozilla 3.10.1-1ubuntu4 rhythmbox-mozilla 3.0.2-0ubuntu2 RunningIncompatibleAddons: False SourcePackage: firefox SubmittedCrashIDs: bp-3e82e56c-e5b2-4cb6-9b4b-fbc4d2160505 bp-175b14d6-3673-4fa7-a7ae-a98bd2140730 UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/16/2013 dmi.bios.vendor: Dell Inc. dmi.bios.version: A01 dmi.board.name: 0KWVT8 dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 3 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA01:bd05/16/2013:svnDellInc.:pnXPS8700:pvr:rvnDellInc.:rn0KWVT8:rvrA00:cvnDellInc.:ct3:cvr: dmi.product.name: XPS 8700 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1578853/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 1770600] Re: Firefox v60: does not work after updating, many "DENIED" log entries.
Hi Daniel, On 2018-05-11 04:46 PM, daniel CURTIS wrote: > Thank You very much for an informations. Yes, there was some changes to > the Sandbox (vide 'about:support'), because after update there was one > new option with 'false' value (I have had similar issue in the past but > it's not important now) and levels for the "Content Separation" and > "Effective Content Separation" has changed to "4" (while in Firefox 59.0 > version it was "3") etc. > > I will also add an "owner" prefix to the '@{PROC}' rules. Thanks for > clarifications; I waited for something like this, because I had no idea > if "owner" should be used in such situation. When the denial message have "fsuid" equal to "ouid" it's a good hint to try the "owner" prefix. fsuid is the UID of the file system object accessed by the "ouid" which corresponds to the UID of the runnig process trying to make the access. Those denials all had "fsuid=1000 ouid=1000". > Anyway, if it's about the last rule in my report and this one mentioned > in my comment #2: it seems, that when everything is commented, there is > a problem with opening new tab (e.g. by clicking "+") - after ~2 hours > of Firefox using there is an error message that "this tab has failed", > "We can help!" etc. Everything else is working okay. > > For now I decided to comment this rule, because I think it's a wrong > rule (see my post #2 for more informations). As I already mentioned, > "abstractions/X" file contains rule related with "/tmp/.X11-unix/X0" and > "connect" operation. However, there is also "type" and "peer" options > (see report; last rule) - which is not in the log entry! So, here is > what I've done for now: > > # Here are a rules from an "abstractions/X" file. However I used "rw" access. > Reason: > # "r" access added because of log entries with 'requested{,denied}_mask=r' > (see bug report) > # > /tmp/.X11-unix/* rw, Looking at etckeeper logs, "r" was added to abstractions/X on December 21st 2016. It was apparently a local/manual fix I made on that date. > #unix (connect, receive, send) > #type=stream > #peer=(addr="@/tmp/.X11-unix/X[0-9]*"), > > And everything seems to work okay: just as before update to 60.0 > version. Okay, so for now I will: > > ✗ add an "owner" prefix for all '@{PROC}' rules (thanks Simon!); > ✗ use only "/tmp/.X11-unix/* rw," rule (until more information will be > gathered); > ✗ monitor the log files, journalctl(1) command etc. > > Once again: thank You Simon for an informations! I hope also that > someone else will confirm the correctness of all these rules. > (Especially these mentioned in bug report). > > By the way: Simon, what about two rules: mentioned above "unix" and > "dbus" rule (see bug report and 7. rule) Have you seen such an entries > in your log files etc.? Did you have had a similar issues with firefox, > just before adding rules (see bug report)? I must admit I've been too lazy to do proper upstreaming of my local Apparmor delta for firefox. I run with the following local/usr.bin.firefox profile: https://paste.ubuntu.com/p/z5KFTQCkWC/ Since the FF profile is disabled by default, Ubuntu/Canonical folk do not test it when releasing FF updates so you have to expect breakage if you opted in for Apparmor containment. It's too bad that Firefox's snap (https://snapcraft.io/firefox) is lagging behind otherwise we'd have Apparmor protection and more. Regards, Simon -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1770600 Title: Firefox v60: does not work after update, many "DENIED" log entries etc. Status in firefox package in Ubuntu: Confirmed Bug description: Hello. Today, Firefox has been updated to v60. After first start there was so many problems: with new tab (errors), Sandbox option (one new option with 'false' value). There were so many issues. No website was working, I can not click on anything, there was no menu bar and so on. Firefox main windows has been resized etc. Anyway, there was also a lot of "DENIED" entries in a log files. Here are the AppArmor rules, that helped and now Firefox works okay. Maybe it will help someone too? # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox"capability=21 # capname="sys_admin" # capability sys_admin, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox" # capability=19 capname="sys_ptrace" # capability sys_ptrace, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="Gecko_IOThread" # capability=18 capname="sys_chroot" # capability sys_chroot, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4137/uid_map" # comm="Gecko_IOThread"
[Desktop-packages] [Bug 1770600] Re: Firefox v60: does not work after updating, many "DENIED" log entries.
@Lonnie, it is already released, see the security announcement: https://usn.ubuntu.com/3645-1/ -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1770600 Title: Firefox v60: does not work after updating, many "DENIED" log entries. Status in firefox package in Ubuntu: Confirmed Bug description: Hello. Today, Firefox has been updated to v60. After first start there was so many problems: with new tab (errors), Sandbox option (one new option with 'false' value). There were so many issues. No website was working, I can not click on anything, there was no menu bar and so on. Firefox main windows has been resized etc. Anyway, there was also a lot of "DENIED" entries in a log files. Here are the AppArmor rules, that helped and now Firefox works okay. Maybe it will help someone too? # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox"capability=21 # capname="sys_admin" # capability sys_admin, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox" # capability=19 capname="sys_ptrace" # capability sys_ptrace, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="Gecko_IOThread" # capability=18 capname="sys_chroot" # capability sys_chroot, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4137/uid_map" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/uid_map w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4282/gid_map" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/gid_map w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/pro /4282/setgroups" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/setgroups w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="dbus_bind" bus="session" # name="org.mozilla.firefox.WAJxENJayq__" mask="bind" # label="/usr/lib/firefox/firefox{,*[^s][^h]}" # dbus bind bus=session name=org.mozilla.firefox.*, # NOTE: this rule can be found, for example, in "abstractions/X" file. # However, there is "r" in 'requested{,denied}_mask" - for '/tmp/.X11-unix/' # - in log entries, so I added "r" - and now it's "rw". # # apparmor="DENIED" operation="connect" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" # name="/tmp/.X11-unix/X0" comm="firefox" requested_mask="r" denied_mask="r" # fsuid=1000 ouid=0 # /tmp/.X11-unix/* rw, unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), Can someone check if these rules are okay? With above rules, Firefox v60 is working okay again: web browsing, new tabs etc. There are also some "segfaults" error in log files - together with "DENIED" rules. Here are some of them (there is a bug report on Launchpad about "libxul"): ✗ [ 3051.788218] Gecko_IOThread[4770]: segfault at 0 ip aef1b0de sp aeb1a550 error 6 in libxul.so[aebed000+66fd000] ✗ Gecko_IOThread[4795]: segfault at 0 ip aef1b0de sp aeb1a550 error 6 in libxul.so[aebed000+66fd000] I hope, that above rules will help other users who will have an issues with a new Firefox release. Here are some technical informations: ● Firefox: v60.0 (32-bit) ● Linux kernel: 4.4.0-125-generic ● Release: 16.04 LTS Thanks, best regards. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1770600/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1770600] Re: Firefox v60: does not work after updating, many "DENIED" log entries.
The sandboxing improvements are explained in more details here: https://www.morbo.org/2018/05/linux-sandboxing-improvements-in_10.html Since I see no setuid binaries, presumably the additional capabilities are used in the unprivileged user namespace. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1770600 Title: Firefox v60: does not work after updating, many "DENIED" log entries. Status in firefox package in Ubuntu: Confirmed Bug description: Hello. Today, Firefox has been updated to v60. After first start there was so many problems: with new tab (errors), Sandbox option (one new option with 'false' value). There were so many issues. No website was working, I can not click on anything, there was no menu bar and so on. Firefox main windows has been resized etc. Anyway, there was also a lot of "DENIED" entries in a log files. Here are the AppArmor rules, that helped and now Firefox works okay. Maybe it will help someone too? # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox"capability=21 # capname="sys_admin" # capability sys_admin, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox" # capability=19 capname="sys_ptrace" # capability sys_ptrace, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="Gecko_IOThread" # capability=18 capname="sys_chroot" # capability sys_chroot, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4137/uid_map" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/uid_map w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4282/gid_map" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/gid_map w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/pro /4282/setgroups" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/setgroups w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="dbus_bind" bus="session" # name="org.mozilla.firefox.WAJxENJayq__" mask="bind" # label="/usr/lib/firefox/firefox{,*[^s][^h]}" # dbus bind bus=session name=org.mozilla.firefox.*, # NOTE: this rule can be found, for example, in "abstractions/X" file. # However, there is "r" in 'requested{,denied}_mask" - for '/tmp/.X11-unix/' # - in log entries, so I added "r" - and now it's "rw". # # apparmor="DENIED" operation="connect" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" # name="/tmp/.X11-unix/X0" comm="firefox" requested_mask="r" denied_mask="r" # fsuid=1000 ouid=0 # /tmp/.X11-unix/* rw, unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), Can someone check if these rules are okay? With above rules, Firefox v60 is working okay again: web browsing, new tabs etc. There are also some "segfaults" error in log files - together with "DENIED" rules. Here are some of them (there is a bug report on Launchpad about "libxul"): ✗ [ 3051.788218] Gecko_IOThread[4770]: segfault at 0 ip aef1b0de sp aeb1a550 error 6 in libxul.so[aebed000+66fd000] ✗ Gecko_IOThread[4795]: segfault at 0 ip aef1b0de sp aeb1a550 error 6 in libxul.so[aebed000+66fd000] I hope, that above rules will help other users who will have an issues with a new Firefox release. Here are some technical informations: ● Firefox: v60.0 (32-bit) ● Linux kernel: 4.4.0-125-generic ● Release: 16.04 LTS Thanks, best regards. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1770600/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1770600] Re: Firefox v60: does not work after updating, many "DENIED" log entries.
@Daniel, it looks like there was some changes to the sandboxing of Firefox. I needed to add the following rules to make FF 60 work again: # new with FF 60 capability sys_admin, capability sys_chroot, capability sys_ptrace, owner @{PROC}/@{pid}/{u,g}id_map w, owner @{PROC}/@{pid}/setgroups w, Similar to yours except that "owner" works for the files under /proc. Before adding all those rules, I got many crashes in libxul.so and libmozsandbox.so. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1770600 Title: Firefox v60: does not work after updating, many "DENIED" log entries. Status in firefox package in Ubuntu: Confirmed Bug description: Hello. Today, Firefox has been updated to v60. After first start there was so many problems: with new tab (errors), Sandbox option (one new option with 'false' value). There were so many issues. No website was working, I can not click on anything, there was no menu bar and so on. Firefox main windows has been resized etc. Anyway, there was also a lot of "DENIED" entries in a log files. Here are the AppArmor rules, that helped and now Firefox works okay. Maybe it will help someone too? # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox"capability=21 # capname="sys_admin" # capability sys_admin, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="firefox" # capability=19 capname="sys_ptrace" # capability sys_ptrace, # apparmor="DENIED" operation="capable" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" comm="Gecko_IOThread" # capability=18 capname="sys_chroot" # capability sys_chroot, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4137/uid_map" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/uid_map w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/4282/gid_map" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/gid_map w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="open" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/pro /4282/setgroups" # comm="Gecko_IOThread" requested_mask="w" denied_mask="w" # fsuid=1000 ouid=1000 # @{PROC}/@{pid}/setgroups w, # NOTE: what about an "owner" prefix? # # apparmor="DENIED" operation="dbus_bind" bus="session" # name="org.mozilla.firefox.WAJxENJayq__" mask="bind" # label="/usr/lib/firefox/firefox{,*[^s][^h]}" # dbus bind bus=session name=org.mozilla.firefox.*, # NOTE: this rule can be found, for example, in "abstractions/X" file. # However, there is "r" in 'requested{,denied}_mask" - for '/tmp/.X11-unix/' # - in log entries, so I added "r" - and now it's "rw". # # apparmor="DENIED" operation="connect" # profile="/usr/lib/firefox/firefox{,*[^s][^h]}" # name="/tmp/.X11-unix/X0" comm="firefox" requested_mask="r" denied_mask="r" # fsuid=1000 ouid=0 # /tmp/.X11-unix/* rw, unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), Can someone check if these rules are okay? With above rules, Firefox v60 is working okay again: web browsing, new tabs etc. There are also some "segfaults" error in log files - together with "DENIED" rules. Here are some of them (there is a bug report on Launchpad about "libxul"): ✗ [ 3051.788218] Gecko_IOThread[4770]: segfault at 0 ip aef1b0de sp aeb1a550 error 6 in libxul.so[aebed000+66fd000] ✗ Gecko_IOThread[4795]: segfault at 0 ip aef1b0de sp aeb1a550 error 6 in libxul.so[aebed000+66fd000] I hope, that above rules will help other users who will have an issues with a new Firefox release. Here are some technical informations: ● Firefox: v60.0 (32-bit) ● Linux kernel: 4.4.0-125-generic ● Release: 16.04 LTS Thanks, best regards. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1770600/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1754401] Re: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied)
I added a link to the upstream bug, thanks for the guidance Daniel. ** Bug watch added: freedesktop.org Bugzilla #105508 https://bugs.freedesktop.org/show_bug.cgi?id=105508 ** Also affects: xorg-server via https://bugs.freedesktop.org/show_bug.cgi?id=105508 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg-server in Ubuntu. https://bugs.launchpad.net/bugs/1754401 Title: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied) Status in X.Org X server: Confirmed Status in xorg-server package in Ubuntu: Triaged Bug description: I don't what changed but today, my Artful laptop refuses to start a graphical session. The last update seems entirely unrelated: # /var/log/apt/history.log Start-Date: 2018-03-06 15:50:35 Commandline: apt-get dist-upgrade Requested-By: simon (1000) Upgrade: libpq5:amd64 (9.6.7-0ubuntu0.17.10, 9.6.8-0ubuntu0.17.10) End-Date: 2018-03-06 15:50:39 I tried linux-image-4.13.0-32-generic and linux- image-4.13.0-36-generic to no avail. I removed the "quiet splash" args from /etc/default/grub but it didn't help. Using "nomodeset" makes the graphical session almost work but the brightness of the screen is so low that I cannot use it and can't make it brighter either. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gdm3 3.26.1-3ubuntu3 ProcVersionSignature: Ubuntu 4.13.0-36.40-generic 4.13.13 Uname: Linux 4.13.0-36-generic x86_64 ApportVersion: 2.20.7-0ubuntu3.7 Architecture: amd64 Date: Thu Mar 8 11:08:35 2018 InstallationDate: Installed on 2017-10-21 (137 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018) SourcePackage: gdm3 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/1754401/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1754401] Re: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied)
Finally found what changed. I updated /etc/fstab to have /proc mounted with hidepid=2,gid=sudo for added security. This works perfectly on 16.04 but totally breaks on 17.10. To recap: mounting /proc with "nodev,noexec,nosuid" works but adding "hidepid=2,gid=sudo" breaks. ** Tags added: regression -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg-server in Ubuntu. https://bugs.launchpad.net/bugs/1754401 Title: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied) Status in gdm3 package in Ubuntu: New Status in xorg-server package in Ubuntu: New Bug description: I don't what changed but today, my Artful laptop refuses to start a graphical session. The last update seems entirely unrelated: # /var/log/apt/history.log Start-Date: 2018-03-06 15:50:35 Commandline: apt-get dist-upgrade Requested-By: simon (1000) Upgrade: libpq5:amd64 (9.6.7-0ubuntu0.17.10, 9.6.8-0ubuntu0.17.10) End-Date: 2018-03-06 15:50:39 I tried linux-image-4.13.0-32-generic and linux- image-4.13.0-36-generic to no avail. I removed the "quiet splash" args from /etc/default/grub but it didn't help. Using "nomodeset" makes the graphical session almost work but the brightness of the screen is so low that I cannot use it and can't make it brighter either. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gdm3 3.26.1-3ubuntu3 ProcVersionSignature: Ubuntu 4.13.0-36.40-generic 4.13.13 Uname: Linux 4.13.0-36-generic x86_64 ApportVersion: 2.20.7-0ubuntu3.7 Architecture: amd64 Date: Thu Mar 8 11:08:35 2018 InstallationDate: Installed on 2017-10-21 (137 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018) SourcePackage: gdm3 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1754401/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1754401] Re: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied)
** Summary changed: - Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied) + mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg-server in Ubuntu. https://bugs.launchpad.net/bugs/1754401 Title: mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied) Status in gdm3 package in Ubuntu: New Status in xorg-server package in Ubuntu: New Bug description: I don't what changed but today, my Artful laptop refuses to start a graphical session. The last update seems entirely unrelated: # /var/log/apt/history.log Start-Date: 2018-03-06 15:50:35 Commandline: apt-get dist-upgrade Requested-By: simon (1000) Upgrade: libpq5:amd64 (9.6.7-0ubuntu0.17.10, 9.6.8-0ubuntu0.17.10) End-Date: 2018-03-06 15:50:39 I tried linux-image-4.13.0-32-generic and linux- image-4.13.0-36-generic to no avail. I removed the "quiet splash" args from /etc/default/grub but it didn't help. Using "nomodeset" makes the graphical session almost work but the brightness of the screen is so low that I cannot use it and can't make it brighter either. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gdm3 3.26.1-3ubuntu3 ProcVersionSignature: Ubuntu 4.13.0-36.40-generic 4.13.13 Uname: Linux 4.13.0-36-generic x86_64 ApportVersion: 2.20.7-0ubuntu3.7 Architecture: amd64 Date: Thu Mar 8 11:08:35 2018 InstallationDate: Installed on 2017-10-21 (137 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018) SourcePackage: gdm3 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1754401/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1721110] Re: Firefox 56 does not load flash content
*** This bug is a duplicate of bug 1720908 *** https://bugs.launchpad.net/bugs/1720908 ** This bug has been marked a duplicate of bug 1720908 Firefox cannot load Flash because of libxul broken dependency -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1721110 Title: Firefox 56 does not load flash content Status in firefox package in Ubuntu: New Bug description: I am running Ubuntu 16.04 LTS 64-bit. I have installed the newest 27.0.0.130 flash player. After I have upgraded to Firefox 56.0 today, the flash contents are not loading at all. If I set the "Shockwave flash" plugin to "ask to activate", the flash content area will show a "click to activate" message, and if I click to activate it, it turns blank immediately. This happens on any websites that contain flash content. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1721110/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1185971] Re: Please enable all hardening features
Fixed at least in Xenial: $ hardening-check /usr/lib/thunderbird/thunderbird /usr/lib/thunderbird/thunderbird: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes $ apt-cache policy thunderbird thunderbird: Installed: 1:52.2.1+build1-0ubuntu0.16.04.1 Candidate: 1:52.2.1+build1-0ubuntu0.16.04.1 Version table: *** 1:52.2.1+build1-0ubuntu0.16.04.1 500 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages 100 /var/lib/dpkg/status 1:38.6.0+build1-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages $ lsb_release -rd Description:Ubuntu 16.04.3 LTS Release:16.04 ** Changed in: thunderbird (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1185971 Title: Please enable all hardening features Status in thunderbird package in Ubuntu: Fix Released Bug description: Thunderbird now integrates a built-in browser as well as IM capabilities. As such, it should be built with hardening features enabled as it's the case for both Firefox and Pidgin. Thunderbird (missing PIE and BIND_NOW): $ hardening-check /usr/lib/thunderbird/thunderbird /usr/lib/thunderbird/thunderbird: Position Independent Executable: no, normal executable! Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no not found! Firefox: $ hardening-check /usr/lib/firefox/firefox /usr/lib/firefox/firefox: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes Pidgin: $ hardening-check /usr/bin/pidgin /usr/bin/pidgin: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes Additional informations: $ lsb_release -rd Description: Ubuntu 12.04.2 LTS Release: 12.04 $ apt-cache policy thunderbird thunderbird: Installed: 17.0.6+build1-0ubuntu0.12.04.1 Candidate: 17.0.6+build1-0ubuntu0.12.04.1 Version table: *** 17.0.6+build1-0ubuntu0.12.04.1 0 500 http://archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages 100 /var/lib/dpkg/status 11.0.1+build1-0ubuntu2 0 500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: thunderbird 17.0.6+build1-0ubuntu0.12.04.1 ProcVersionSignature: Ubuntu 3.2.0-44.69-generic 3.2.44 Uname: Linux 3.2.0-44-generic x86_64 AddonCompatCheckDisabled: False AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. ApportVersion: 2.0.1-0ubuntu17.2 Architecture: amd64 ArecordDevices: List of CAPTURE Hardware Devices card 0: Intel [HDA Intel], device 0: CONEXANT Analog [CONEXANT Analog] Subdevices: 1/1 Subdevice #0: subdevice #0 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: simon 4033 F pulseaudio BuildID: 20130510125938 CRDA: Error: [Errno 2] No such file or directory Card0.Amixer.info: Card hw:0 'Intel'/'HDA Intel at 0xf262 irq 44' Mixer name : 'Intel IbexPeak HDMI' Components : 'HDA:14f15069,17aa214c,00100302 HDA:80862804,17aa21b5,0010' Controls : 26 Simple ctrls : 8 Card29.Amixer.info: Card hw:29 'ThinkPadEC'/'ThinkPad Console Audio Control at EC reg 0x30, fw 6IHT43WW-1.18' Mixer name : 'ThinkPad EC 6IHT43WW-1.18' Components : '' Controls : 1 Simple ctrls : 1 Card29.Amixer.values: Simple mixer control 'Console',0 Capabilities: pswitch pswitch-joined penum Playback channels: Mono Mono: Playback [on] Channel: Unavailable CurrentDmesg: dmesg: klogctl failed: Operation not permitted Date: Thu May 30 15:03:52 2013 ForcedLayersAccel: False MarkForUpload: True MostRecentCrashID: bp-fb66e348-31a9-40cf-b705-211802130411 Plugins: Shockwave Flash - /usr/lib/adobe-flashplugin/libflashplayer.so (adobe-flashplugin) ProcEnviron: LANGUAGE=en_CA:en TERM=xterm PATH=(custom, no user) LANG=en_CA.UTF-8 SHELL=/bin/bash Profiles: Profile0 (Default) - LastVersion=17.0.6/20130510125938 (In use) RelatedPackageVersions: adobe-flashplugin 11.2.202.285-0precise1 RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False
[Desktop-packages] [Bug 1711745] Re: constantly running scripts, lagging page load time
Could you please try to reproduce with the updated version: 55.0.2+build1-0ubuntu0.17.04.1. This new version addresses some performance regressions. I don't know if it's available for Kali just yet though. ** Changed in: firefox (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1711745 Title: constantly running scripts, lagging page load time Status in firefox package in Ubuntu: Incomplete Bug description: Firefox has been running slowly, and a script is being run several times daily that slows the system. ProblemType: Bug DistroRelease: Kali 2017.1 Package: firefox 55.0~b11+build1-0ubuntu0.17.04.1 [origin: unknown] ProcVersionSignature: Ubuntu 4.10.0-28.32-generic 4.10.17 Uname: Linux 4.10.0-28-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.20.4-0ubuntu4.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: shiningdove 3157 F pulseaudio /dev/snd/controlC0: shiningdove 3157 F pulseaudio BrokenPermissions: saved-telemetry-pings/2d43099a-baa5-4318-bebd-6db945e38bc4 (0o600, wrong owner) BuildID: 20170720221345 Channel: beta CurrentDesktop: Unity:Unity7 Date: Fri Aug 18 15:24:13 2017 EcryptfsInUse: Yes Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2017-03-23 (147 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Beta amd64 (20170321) Locales: extensions.sqlite corrupt or missing MostRecentCrashID: bp-3c205d14-24ff-41ab-b71d-0d4ac0170803 Plugins: Shockwave Flash - /usr/lib/flashplugin-installer/libflashplayer.so PrefSources: /usr/lib/firefox/defaults/pref/vendor-gre.js /usr/lib/firefox/defaults/pref/channel-prefs.js prefs.js Profiles: Profile0 (Default) - LastVersion=55.0/20170720221345 (In use) RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 11/06/2015 dmi.bios.vendor: Dell Inc. dmi.bios.version: A07 dmi.board.name: 017HYC dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 9 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA07:bd11/06/2015:svnDellInc.:pnInspiron5758:pvr01:rvnDellInc.:rn017HYC:rvrA00:cvnDellInc.:ct9:cvr: dmi.product.name: Inspiron 5758 dmi.product.version: 01 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1711745/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1710306] Re: Ubuntu 17.10 Artful has extremely out of date Firefox package (50.1.0)
Hi Daniel, you can get Firefox 54.0 from artful-proposed so you might want to use that until it officially lands in artful-updates. See https://wiki.ubuntu.com/Testing/EnableProposed for how to install packages from -proposed. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1710306 Title: Ubuntu 17.10 Artful has extremely out of date Firefox package (50.1.0) Status in firefox package in Ubuntu: New Bug description: On Ubuntu 17.10 Artful (current Ubuntu development version), the Firefox package is extremely out of date for some reason. Quoting the package page: https://packages.ubuntu.com/artful/firefox "Package: firefox (50.1.0+build2-0ubuntu1)" Compare to these non-development Ubuntu builds: https://packages.ubuntu.com/zesty/firefox https://packages.ubuntu.com/xenial/firefox https://packages.ubuntu.com/trusty/firefox All of those have "firefox (54.0+build3-0ubuntu0.*)" Firefox 50 was obsoleted (by version 51) in January 2017, 7 months ago. The current Firefox release (as of this week) is 55, which was just released. Seems like Artful should have either 54 or 55. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1710306/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1702187] [NEW] wrongly shipping da/LC_MESSAGES/unity-lens-applications.mo
Public bug reported: unity-lens-applications is apparently wrongly shipping /usr/locale/da/LC_MESSAGES/unity-lens-applications.mo This is the only translation file (.mo) shipped by unity-lens-applications. It seems that the other translation files are shipped by language-pack-gnome-CC-base where CC correspond to the language. See https://packages.ubuntu.com/search?searchon=contents=unity-lens-applications.mo==xenial=any Additional information: $ lsb_release -rd Description:Ubuntu 16.04.2 LTS Release:16.04 $ apt-cache policy unity-lens-applications unity-lens-applications: Installed: 7.1.0+16.04.20160701-0ubuntu1 Candidate: 7.1.0+16.04.20160701-0ubuntu1 Version table: *** 7.1.0+16.04.20160701-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 100 /var/lib/dpkg/status 7.1.0+16.04.20160217.2-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: unity-lens-applications 7.1.0+16.04.20160701-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-83.106-generic 4.4.70 Uname: Linux 4.4.0-83-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu2.9 Architecture: amd64 CurrentDesktop: Unity Date: Mon Jul 3 18:01:27 2017 InstallationDate: Installed on 2016-12-06 (209 days ago) InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Beta amd64 (20161206) SourcePackage: unity-lens-applications UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: unity-lens-applications (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug third-party-packages xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to unity-lens-applications in Ubuntu. Matching subscriptions: dp-unity-lens-music https://bugs.launchpad.net/bugs/1702187 Title: wrongly shipping da/LC_MESSAGES/unity-lens-applications.mo Status in unity-lens-applications package in Ubuntu: New Bug description: unity-lens-applications is apparently wrongly shipping /usr/locale/da/LC_MESSAGES/unity-lens-applications.mo This is the only translation file (.mo) shipped by unity-lens-applications. It seems that the other translation files are shipped by language-pack-gnome-CC-base where CC correspond to the language. See https://packages.ubuntu.com/search?searchon=contents=unity-lens-applications.mo==xenial=any Additional information: $ lsb_release -rd Description: Ubuntu 16.04.2 LTS Release: 16.04 $ apt-cache policy unity-lens-applications unity-lens-applications: Installed: 7.1.0+16.04.20160701-0ubuntu1 Candidate: 7.1.0+16.04.20160701-0ubuntu1 Version table: *** 7.1.0+16.04.20160701-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 100 /var/lib/dpkg/status 7.1.0+16.04.20160217.2-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: unity-lens-applications 7.1.0+16.04.20160701-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-83.106-generic 4.4.70 Uname: Linux 4.4.0-83-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu2.9 Architecture: amd64 CurrentDesktop: Unity Date: Mon Jul 3 18:01:27 2017 InstallationDate: Installed on 2016-12-06 (209 days ago) InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Beta amd64 (20161206) SourcePackage: unity-lens-applications UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity-lens-applications/+bug/1702187/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1697800] Re: [regression] firefox dies with SIGILL on machines without SSE2
Looks like it would be intentional according to https://www.mozilla.org /en-US/firefox/53.0/releasenotes/ : "Ended Firefox Linux support for processors older than Pentium 4 and AMD Opteron" Also, for Windows, they require SSE2 since Firefox 49. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1697800 Title: [regression] firefox dies with SIGILL on machines without SSE2 Status in firefox package in Ubuntu: New Bug description: I'm running Ubuntu 16.04 on an old laptop. Firefox used to work on fine until I did an 'apt upgrade'. Worked: 50.1.0+build2-0ubuntu0.16.04.1 Fails: 53.0.3+build1-0ubuntu0.16.04.2 The bug was a little tricky to track down since AppArmor was killing firefox. I believe the AppArmor error is irrelevant for this bug report, but I mention it for completeness (and so other people can google for this problem): "/usr/bin/python3: error while loading shared libraries: cannot apply additional memory protection after relocation: Permission denied" I disabled AppArmor (aa-disable '/usr/lib/firefox/firefox{,*[^s][^h]}') and now Firefox dies like so: ExceptionHandler::GenerateDump cloned child 14258 ExceptionHandler::SendContinueSignalToChild sent continue signal to child ExceptionHandler::WaitForContinueSignal waiting for continue signal... Failed to open curl lib from binary, use libcurl.so instead Using gdb to figure it out, I see that the process is getting SIGILL (Illegal Instruction). To figure out exactly which instruction is the problem, I ran gdb as follows: $ gdb /usr/lib/firefox/firefox GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.04) 7.11.1 [...] Reading symbols from /usr/lib/firefox/firefox...(no debugging symbols found)...done. (gdb) set disassemble-next-line on (gdb) run Starting program: /usr/lib/firefox/firefox [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1". [New Thread 0xb15c4b40 (LWP 14296)] [Thread 0xb15c4b40 (LWP 14296) exited] warning: Corrupted shared library list: 0xb794cc00 != 0xb794b800 [...] Thread 1 "firefox" received signal SIGILL, Illegal instruction. 0x4b9f826c in ?? () => 0x4b9f826c: f2 0f 11 74 24 30 movsd %xmm6,0x30(%esp) MOVSD is an SSE2 instruction, which my machine does not support. $ grep flags /proc/cpuinfo flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pse36 mmx fxsr sse I had been under the impression that firefox is supposed to only use SSE2 if it is available. Is that not correct? It certainly used to work. Perhaps there is something wrong in how Ubuntu is building the binary. [Side note: There are actually two "movsd" instructions for the Intel x86 architecture. The original one (Move String, opcode A5) is supported by everything back to the 80386, but this one (Move Scalar, opcode F2 0F 11) requires SSE2. Maybe that is the source of the confusion.] Thank you. $ lsb_release -rd Description:Ubuntu 16.04.2 LTS Release:16.04 $ apt-cache policy firefox firefox: Installed: 53.0.3+build1-0ubuntu0.16.04.2 Candidate: 53.0.3+build1-0ubuntu0.16.04.2 Version table: *** 53.0.3+build1-0ubuntu0.16.04.2 500 500 http://us.archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages 500 http://security.ubuntu.com/ubuntu xenial-security/main i386 Packages 100 /var/lib/dpkg/status 45.0.2+build1-0ubuntu1 500 500 http://us.archive.ubuntu.com/ubuntu xenial/main i386 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1697800/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1691796] [NEW] Copy and pasting from email in "edit" mode mangles some lines
Public bug reported: Steps to reproduce: 1) select a reply email (one with lines starting with ">") 2) type "Ctrl-e" to open it in edit mode 3) highlight the body text including some lines beginning with ">" 4) paste the text in gedit or another editor 5) notices the lines surrounding those starting with ">" are mangled For example, if a replay email contains this: On 2017-05-11 04:19 PM, John wrote: > FYI, I rebooted the server Thanks John Copy and pasting this from the "edit" mode will result in the following: On 2017-05-11 04:19 PM, John wrote:> FYI, I rebooted the server Thanks John I'm pretty sure this is a regression introduced when I upgraded from 1:45.8.0+build1-0ubuntu0.16.04.1 to 1:52.1.1+build1-0ubuntu0.16.04.1 as I do that operation on a daily basis. Note that if you don't go into the edit more, you can (now?) copy and paste and it will preserve the ">" lines and formatting. Additional information: $ apt-cache policy thunderbird thunderbird: Installed: 1:52.1.1+build1-0ubuntu0.16.04.1 Candidate: 1:52.1.1+build1-0ubuntu0.16.04.1 Version table: *** 1:52.1.1+build1-0ubuntu0.16.04.1 500 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages 100 /var/lib/dpkg/status 1:38.6.0+build1-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages $ lsb_release -rd Description:Ubuntu 16.04.2 LTS Release:16.04 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: thunderbird 1:52.1.1+build1-0ubuntu0.16.04.1 ProcVersionSignature: Ubuntu 4.4.0-78.99-generic 4.4.62 Uname: Linux 4.4.0-78-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl AddonCompatCheckDisabled: False ApportVersion: 2.20.1-0ubuntu2.6 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 5882 F...m pulseaudio /dev/snd/controlC0: simon 5882 F pulseaudio BuildID: 2017051014 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Thu May 18 11:58:48 2017 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2016-12-06 (162 days ago) InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Beta amd64 (20161206) Locales: extensions.sqlite corrupt or missing MostRecentCrashID: bp-7698df53-f14c-4728-baf1-3cbef2170123 PrefSources: prefs.js /usr/lib/thunderbird/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/defaults/preferences/lightning.js /usr/share/xul-ext/enigmail/defaults/preferences/enigmail.js /usr/share/xul-ext/enigmail/defaults/preferences/000system.js Profiles: Profile0 (Default) - LastVersion=52.1.1/2017051014 (In use) RfKill: Error: [Errno 2] No such file or directory: 'rfkill' RunningIncompatibleAddons: False SourcePackage: thunderbird SubmittedCrashIDs: bp-7698df53-f14c-4728-baf1-3cbef2170123 bp-78fc0906-a06c-4941-9e18-1ad6c2160618 bp-a9f78953-eacb-4b6e-8c4a-55e332160118 Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/17/2017 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 5.12 dmi.board.asset.tag: Tag 12345 dmi.board.name: Lemur dmi.board.vendor: System76 dmi.board.version: lemu7 dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: System76 dmi.chassis.version: N/A dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr5.12:bd02/17/2017:svnSystem76:pnLemur:pvrlemu7:rvnSystem76:rnLemur:rvrlemu7:cvnSystem76:ct10:cvrN/A: dmi.product.name: Lemur dmi.product.version: lemu7 dmi.sys.vendor: System76 ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug third-party-packages xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1691796 Title: Copy and pasting from email in "edit" mode mangles some lines Status in thunderbird package in Ubuntu: New Bug description: Steps to reproduce: 1) select a reply email (one with lines starting with ">") 2) type "Ctrl-e" to open it in edit mode 3) highlight the body text including some lines beginning with ">" 4) paste the text in gedit or another editor 5) notices the lines surrounding those starting with ">" are mangled For example, if a replay email contains this: On 2017-05-11 04:19 PM, John wrote: > FYI, I rebooted the server Thanks John Copy and pasting this from the "edit" mode will result in the following: On 2017-05-11 04:19 PM, John wrote:> FYI, I rebooted the server Thanks John I'm pretty sure this is a regression introduced
[Desktop-packages] [Bug 1661101] Re: Can't log in to Hotmail
This isn't a problem with Firefox. It seems like MS folks have not added the "www." prefix to their TLS certificate. Try going to https://hotmail.co.uk/ instead. ** Changed in: firefox (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1661101 Title: Can't log in to Hotmail Status in firefox package in Ubuntu: Invalid Bug description: www.hotmail.co.uk uses an invalid security certificate. The certificate is only valid for the following names: contacts.live.com, dub109.afx.ms, dub109.mail.live.com, dub110.afx.ms, dub110.mail.live.com, dub111.afx.ms, dub111.mail.live.com, dub112.afx.ms, dub112.mail.live.com, dub113.afx.ms, dub113.mail.live.com, dub114.afx.ms, dub114.mail.live.com, dub115.afx.ms, dub115.mail.live.com, dub116.afx.ms, dub116.mail.live.com, dub117.afx.ms, dub117.mail.live.com, dub118.afx.ms, dub118.mail.live.com, dub119.afx.ms, dub119.mail.live.com, dub120.afx.ms, dub120.mail.live.com, dub121.afx.ms, dub121.mail.live.com, dub122.afx.ms, dub122.mail.live.com, dub123.afx.ms, dub123.mail.live.com, dub124.afx.ms, dub124.mail.live.com, dub125.afx.ms, dub125.mail.live.com, dub126.afx.ms, dub126.mail.live.com, dub127.afx.ms, dub127.mail.live.com, dub128.afx.ms, dub128.mail.live.com, dub129.afx.ms, dub129.mail.live.com, dub130.afx.ms, dub130.mail.live.com, dub131.afx.ms, dub131.mail.live.com, dub132.afx.ms, dub132.mail.live.com, dub133.afx.ms, dub133.mail.live.com, dub134.afx.ms, dub134.mail.live.com, dub135.afx.ms, dub135.mail.live.com, dvt.mail.live.com, home.live.com, hotmail.co.jp, hotmail.co.uk, hotmail.com, hotmail.live.com, hotmail.msn.com, m.mail.live.com, mail.live.com, origin.dub109.mail.live.com, origin.dub110.mail.live.com, origin.dub111.mail.live.com, origin.dub112.mail.live.com, origin.dub113.mail.live.com, origin.dub114.mail.live.com, origin.dub115.mail.live.com, origin.dub116.mail.live.com, origin.dub117.mail.live.com, origin.dub118.mail.live.com, origin.dub119.mail.live.com, origin.dub120.mail.live.com, origin.dub121.mail.live.com, origin.dub122.mail.live.com, origin.dub123.mail.live.com, origin.dub124.mail.live.com, origin.dub125.mail.live.com, origin.dub126.mail.live.com, origin.dub127.mail.live.com, origin.dub128.mail.live.com, origin.dub129.mail.live.com, origin.dub130.mail.live.com, origin.dub131.mail.live.com, origin.dub132.mail.live.com, origin.dub133.mail.live.com, origin.dub134.mail.live.com, origin.dub135.mail.live.com, people.live.com, www.hotmail.com, www.hotmail.msn.com, www.live.com, www.mail.live.com Error code: SSL_ERROR_BAD_CERT_DOMAIN OS ubuntu 16:04 8Gb ram new PC Can't log in Hotmail with Fire fox or Chrome on Linux, works a little better on Windows Pro10 Can you please advise Thanks Richard ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 51.0.1+build2-0ubuntu0.16.04.1 ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35 Uname: Linux 4.4.0-59-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: richard1705 F pulseaudio /dev/snd/controlC0: richard1705 F pulseaudio BuildID: 20170125172221 Channel: Unavailable CurrentDesktop: Unity Date: Wed Feb 1 21:12:31 2017 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2015-12-15 (414 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021) IpRoute: default via 192.168.1.254 dev enp2s0 proto static metric 100 169.254.0.0/16 dev enp2s0 scope link metric 1000 192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.2 metric 100 IwConfig: enp2s0no wireless extensions. lono wireless extensions. Locales: extensions.sqlite corrupt or missing Plugins: DjView-4.10.5 - /usr/lib/mozilla/plugins/nsdejavu.so (djview-plugin) Shockwave Flash - /usr/lib/flashplugin-installer/libflashplayer.so PrefSources: prefs.js ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_GB.UTF-8 SHELL=/bin/bash Profiles: Profile0 (Default) - LastVersion=51.0.1/20170125172221 (In use) RelatedPackageVersions: djview-plugin 4.10.5-1 RfKill: RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: Upgraded to xenial on 2016-06-24 (222 days ago) dmi.bios.date: 08/19/2014 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: F1
Re: [Desktop-packages] [Bug 1495248] Re: usr.bin.firefox blocks /dev/shm
On 2017-01-31 05:46 PM, Jean-Philippe Guérard wrote: > I was able to reproduce the problem, but only using the flash plugin: > > Jan 31 23:38:34 tigreraye kernel: [221147.141240] audit: type=1400 > audit(1485902314.881:3406): apparmor="DENIED" operation="mknod" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/dev/shm/org.chromium.CvbXEt" pid=11592 comm="plugin-containe" > requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 > Jan 31 23:38:34 tigreraye kernel: [221147.141263] audit: type=1400 > audit(1485902314.881:3407): apparmor="DENIED" operation="mknod" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/dev/shm/org.chromium.5Am9iK" pid=11592 comm="plugin-containe" > requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Good, thanks for the additional information. > I also tried the java plugin, but it does not use /dev/shm (it fails, > but for another reason): > > Jan 31 23:43:49 tigreraye kernel: [221461.300441] audit: type=1400 > audit(1485902629.062:6116995): apparmor="DENIED" operation="exec" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/usr/lib/jvm/java-8-oracle/jre/bin/java" pid=11779 > comm="plugin-containe" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 > Jan 31 23:43:49 tigreraye kernel: [221461.301683] audit: type=1400 > audit(1485902629.062:6116996): apparmor="DENIED" operation="exec" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/usr/lib/jvm/java-8-oracle/jre/bin/java" pid=11780 > comm="plugin-containe" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 Yeah, it seems like the Oracle version of the JRE/JDK isn't authorized in /etc/apparmor.d/abstractions/ubuntu-browsers.d/java. Even OpenJDK/JRE 8 isn't authorized. Both should be supported IMHO. Thanks, Simon -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1495248 Title: usr.bin.firefox blocks /dev/shm Status in firefox package in Ubuntu: Confirmed Bug description: When apparmor is activated for Firefox, I get the following log messages: [28547.841769] audit: type=1400 audit(1442154214.608:109): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/shmfd-mSnoHU" pid=7425 comm ="firefox" requested_mask="c" denied_mask="c" fsuid= ouid= Both /run/shm/shmfd-* and /var/run/shm/shmfd-* are allowed, but not /dev/shm/shmfd-*. Changing : owner /{,var/}run/shm/shmfd-* rw, To: owner /{dev,{,var/}run}/shm/shmfd-* rw, seems to fix the issue. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1495248/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 1659922] Re: Firefox 51.0.1 does not display pages/shows blank pages.
On 2017-01-31 02:51 PM, Thomas Mayer wrote: > Ugly as it is, but mozilla could also maintain profiles for different > feature sets, or distros, respectively. > > But there's more: Different versions of FF with different requirements. > The only right place to keep track of that is in the source repo of FF. > Even if Mozilla does not maintain it distro specific, it would allow > distros to keep track of necessary changes, at least. The latter > approach could at least serve as a reference. > > The current situation is at least unsatisfying: Disabling the profile > because it's unmaintainable. If you have the time, I would encourage you keep the profile enabled and collect all the missing rules in a local/ profile whenever possible (not possible for the lsb_release subprofile). If you desire, you could start with what's in LP: #1533232 as I spend a lot of time collecting those dbus and other rules. That's what I'd like to bring to the maintainer when time permits. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1659922 Title: Firefox 51.0.1 does not display pages/shows blank pages. Status in firefox package in Ubuntu: Triaged Bug description: Firefox 51.0.1 после обновления в Ubuntu 16.04 x32 не отображает содержимое сайтов. Т. е. сайты загружаются, но не отображаются. Отображается только стартовая страница. Придурки, чего вы там накомпилировали и слили в майнстрим? Давайте, исправляйте! [Firefox 51.0.1 after upgrading to Ubuntu 16.04 x32 does not display the contents of the sites. Websites are loaded but not displayed. Displays only the home page.] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659922/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 1659922] Re: Firefox 51.0.1 does not display pages/shows blank pages.
On 2017-01-31 02:20 PM, Thomas Mayer wrote: > Why should all the distros do that independently? There's a lot of > redundancy which could be allocated elsewhere. Indeed but cross-distro compatibility is profiles as not every distro/release have the same feature set. For example, not all supported version of Ubuntu have dbus/ptrace mitigation support. Recently, Debian also enabled Apparmor but with a smaller feature set than the latest Ubuntu. That said, I will try to reach out to the Ubuntu maintainer to at least improve that. If we get somewhere maybe Debian or upstream would be next. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1659922 Title: Firefox 51.0.1 does not display pages/shows blank pages. Status in firefox package in Ubuntu: Triaged Bug description: Firefox 51.0.1 после обновления в Ubuntu 16.04 x32 не отображает содержимое сайтов. Т. е. сайты загружаются, но не отображаются. Отображается только стартовая страница. Придурки, чего вы там накомпилировали и слили в майнстрим? Давайте, исправляйте! [Firefox 51.0.1 after upgrading to Ubuntu 16.04 x32 does not display the contents of the sites. Websites are loaded but not displayed. Displays only the home page.] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659922/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1660268] Re: Apparmor blocks Firefox to access meminfo
@Thomas, how is this bug not a dup of LP: #1553758 that was opened before and contains the exact same Apparmor denial? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1660268 Title: Apparmor blocks Firefox to access meminfo Status in firefox package in Ubuntu: New Bug description: Taken from syslog: Jan 30 10:13:46 lat61 kernel: [212284.232797] audit: type=1400 audit(1485767626.654:46432): apparmor="DENIED" operation="open" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/sys/devices/system/node/node0/meminfo" pid=10696 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 51.0.1+build2-0ubuntu0.16.04.1 ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35 Uname: Linux 4.4.0-59-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0c: thomas 3175 F...m pulseaudio /dev/snd/pcmC0D0p: thomas 3175 F...m pulseaudio /dev/snd/controlC0: thomas 3175 F pulseaudio BuildID: 20170125172221 Channel: Unavailable CurrentDesktop: GNOME-Flashback:Unity Date: Mon Jan 30 10:15:56 2017 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2014-11-29 (793 days ago) InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2) IpRoute: default via 192.168.178.1 dev wlan0 proto static metric 600 169.254.0.0/16 dev docker0 scope link metric 1000 linkdown 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown 192.168.178.0/24 dev wlan0 proto kernel scope link src 192.168.178.22 metric 600 Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js Profiles: Profile0 (Default) - LastVersion=51.0.1/20170125172221 (In use) RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: Upgraded to xenial on 2016-06-15 (228 days ago) dmi.bios.date: 12/06/2013 dmi.bios.vendor: Dell Inc. dmi.bios.version: A16 dmi.board.name: 023HKR dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 9 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA16:bd12/06/2013:svnDellInc.:pnLatitudeE5510:pvr0001:rvnDellInc.:rn023HKR:rvrA00:cvnDellInc.:ct9:cvr: dmi.product.name: Latitude E5510 dmi.product.version: 0001 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1660268/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 1659922] Re: Firefox 51.0.1 does not display pages/shows blank pages.
On 2017-01-31 01:24 PM, Thomas Mayer wrote: > @sdeziel That was intentional: How should someone keep track of what > your profile fixes if there's no ticket for each rule? I see your point. > How should a maintainer decide if that should be merged? The problem is that nobody seems to care about Firefox's Apparmor profile because it's disabled by default. I don't think that having many small LPs will increase the likeliness of someone picking up the individual changes one at the time and get them through SRU. I was aiming for inclusion in the dev version of Ubuntu, in one batch. > Please don't duplicate specific tickets to an unspecific ticket. That > just confuses - at least me. Alright, I'll stop. There is no point in arguing here since we both pursue the same goal: have good Apparmor support for Firefox Regards, Simon -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1659922 Title: Firefox 51.0.1 does not display pages/shows blank pages. Status in firefox package in Ubuntu: Triaged Bug description: Firefox 51.0.1 после обновления в Ubuntu 16.04 x32 не отображает содержимое сайтов. Т. е. сайты загружаются, но не отображаются. Отображается только стартовая страница. Придурки, чего вы там накомпилировали и слили в майнстрим? Давайте, исправляйте! [Firefox 51.0.1 after upgrading to Ubuntu 16.04 x32 does not display the contents of the sites. Websites are loaded but not displayed. Displays only the home page.] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659922/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1553758] Re: usr.bin.firefox apparmor profile blocks access to meminfo
** This bug is no longer a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1553758 Title: usr.bin.firefox apparmor profile blocks access to meminfo Status in firefox package in Ubuntu: Confirmed Bug description: When I launch Firefox with apparmor enabled, I sometimes get the following error: Mar 6 17:43:43 tigreraye kernel: [14527.976158] audit: type=1400 audit(1457282623.012:97): apparmor="DENIED" operation="open" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/sys/devices/system/node/node0/meminfo" pid=12864 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Adding the following lines to the apparmor profile fixes the issue: /sys/devices/system/node/node0/meminfo r, To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1553758/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1660268] Re: Apparmor blocks Firefox to access meminfo
*** This bug is a duplicate of bug 1553758 *** https://bugs.launchpad.net/bugs/1553758 ** This bug has been marked a duplicate of bug 1553758 usr.bin.firefox apparmor profile blocks access to meminfo -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1660268 Title: Apparmor blocks Firefox to access meminfo Status in firefox package in Ubuntu: New Bug description: Taken from syslog: Jan 30 10:13:46 lat61 kernel: [212284.232797] audit: type=1400 audit(1485767626.654:46432): apparmor="DENIED" operation="open" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/sys/devices/system/node/node0/meminfo" pid=10696 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 51.0.1+build2-0ubuntu0.16.04.1 ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35 Uname: Linux 4.4.0-59-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0c: thomas 3175 F...m pulseaudio /dev/snd/pcmC0D0p: thomas 3175 F...m pulseaudio /dev/snd/controlC0: thomas 3175 F pulseaudio BuildID: 20170125172221 Channel: Unavailable CurrentDesktop: GNOME-Flashback:Unity Date: Mon Jan 30 10:15:56 2017 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2014-11-29 (793 days ago) InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2) IpRoute: default via 192.168.178.1 dev wlan0 proto static metric 600 169.254.0.0/16 dev docker0 scope link metric 1000 linkdown 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown 192.168.178.0/24 dev wlan0 proto kernel scope link src 192.168.178.22 metric 600 Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js Profiles: Profile0 (Default) - LastVersion=51.0.1/20170125172221 (In use) RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: Upgraded to xenial on 2016-06-15 (228 days ago) dmi.bios.date: 12/06/2013 dmi.bios.vendor: Dell Inc. dmi.bios.version: A16 dmi.board.name: 023HKR dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 9 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA16:bd12/06/2013:svnDellInc.:pnLatitudeE5510:pvr0001:rvnDellInc.:rn023HKR:rvrA00:cvnDellInc.:ct9:cvr: dmi.product.name: Latitude E5510 dmi.product.version: 0001 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1660268/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1553758] Re: usr.bin.firefox apparmor profile blocks access to meminfo
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1553758 Title: usr.bin.firefox apparmor profile blocks access to meminfo Status in firefox package in Ubuntu: Confirmed Bug description: When I launch Firefox with apparmor enabled, I sometimes get the following error: Mar 6 17:43:43 tigreraye kernel: [14527.976158] audit: type=1400 audit(1457282623.012:97): apparmor="DENIED" operation="open" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/sys/devices/system/node/node0/meminfo" pid=12864 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Adding the following lines to the apparmor profile fixes the issue: /sys/devices/system/node/node0/meminfo r, To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1553758/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1533232] Re: missing many apparmor rules on Xenial
** Attachment removed: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4811453/+files/usr.bin.firefox ** Attachment added: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4811455/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1533232 Title: missing many apparmor rules on Xenial Status in firefox package in Ubuntu: Confirmed Bug description: I've been accumulating many rules in my /etc/apparmor.d/local/usr.bin.firefox. It's been a few days since I didn't add any so it's time to report about my local additions. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 43.0.4+build3-0ubuntu1 ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3 Uname: Linux 4.3.0-5-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.3-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 16762 F...m pulseaudio /dev/snd/controlC0: simon 16762 F pulseaudio BuildID: 20160106234842 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Tue Jan 12 09:04:59 2016 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js [Profile]/extensions/dns...@nic.cz/defaults/preferences/dnssec.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=43.0.4/20160106234842 (In use) RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/14/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 6IET85WW (1.45 ) dmi.board.name: 2516CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr6IET85WW(1.45):bd02/14/2013:svnLENOVO:pn2516CTO:pvrThinkPadT410:rvnLENOVO:rn2516CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2516CTO dmi.product.version: ThinkPad T410 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1553712] Re: usr.bin.firefox apparmor profile blocks access to mounttracker
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 @Jean-Philippe, most if not all the rules are covered in the proposed rule addition in LP: #1533232 @Thomas, I just added the dbus session receive Mounted member to the same LP, thanks. Marking as duplicate now. ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1553712 Title: usr.bin.firefox apparmor profile blocks access to mounttracker Status in firefox package in Ubuntu: Confirmed Bug description: When I launch Firefox with apparmor enabled, I get the following errors: Mar 6 13:21:19 tigreraye dbus[2570]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker" member="ListMountableInfo" mask="send" name=":1.46" pid=6604 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=2781 peer_label="unconfined" Mar 6 17:31:04 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported" mask="send" name=":1.71" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4327 peer_label="unconfined" Mar 6 17:31:04 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker" member="ListMounts" mask="send" name=":1.43" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4206 peer_label="unconfined" Mar 6 17:31:04 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker" member="LookupMount" mask="send" name=":1.43" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4206 peer_label="unconfined" Mar 6 18:47:12 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="List" mask="send" name=":1.76" pid=13082 label="/usr/lib/firefox/firMar 6 19:31:11 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="DriveChanged" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" Mar 6 19:32:10 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="VolumeAdded" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" efox{,*[^s][^h]}" peer_pid=4333 peer_label="unconfined" Mar 6 19:43:24 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="MountPreUnmount" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" Mar 6 19:43:24 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="VolumeChanged" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" Mar 6 19:43:24 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="MountChanged" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" Mar 6 19:43:24 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="MountRemoved" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" Mar 6 19:43:25 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="VolumeRemoved" name=":1.49" mask="receive" pid=13082 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4246 peer_label="unconfined" Mar 6 19:43:28 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_signal" bus="session" path="/org/gtk/Private/RemoteVolumeMonitor" interface="org.gtk.Private.RemoteVolumeMonitor" member="DriveDisconnected"
[Desktop-packages] [Bug 1660268] Re: Apparmor blocks Firefox to access meminfo
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1660268 Title: Apparmor blocks Firefox to access meminfo Status in firefox package in Ubuntu: New Bug description: Taken from syslog: Jan 30 10:13:46 lat61 kernel: [212284.232797] audit: type=1400 audit(1485767626.654:46432): apparmor="DENIED" operation="open" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/sys/devices/system/node/node0/meminfo" pid=10696 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 51.0.1+build2-0ubuntu0.16.04.1 ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35 Uname: Linux 4.4.0-59-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0c: thomas 3175 F...m pulseaudio /dev/snd/pcmC0D0p: thomas 3175 F...m pulseaudio /dev/snd/controlC0: thomas 3175 F pulseaudio BuildID: 20170125172221 Channel: Unavailable CurrentDesktop: GNOME-Flashback:Unity Date: Mon Jan 30 10:15:56 2017 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2014-11-29 (793 days ago) InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2) IpRoute: default via 192.168.178.1 dev wlan0 proto static metric 600 169.254.0.0/16 dev docker0 scope link metric 1000 linkdown 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown 192.168.178.0/24 dev wlan0 proto kernel scope link src 192.168.178.22 metric 600 Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js Profiles: Profile0 (Default) - LastVersion=51.0.1/20170125172221 (In use) RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: Upgraded to xenial on 2016-06-15 (228 days ago) dmi.bios.date: 12/06/2013 dmi.bios.vendor: Dell Inc. dmi.bios.version: A16 dmi.board.name: 023HKR dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 9 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA16:bd12/06/2013:svnDellInc.:pnLatitudeE5510:pvr0001:rvnDellInc.:rn023HKR:rvrA00:cvnDellInc.:ct9:cvr: dmi.product.name: Latitude E5510 dmi.product.version: 0001 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1660268/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1659922] Re: Firefox 51.0.1 does not display pages/shows blank pages.
@Thomas, some of the rules are related to E10S but a lot predate it. I noticed you opened quite a few bugs with regards to Firefox's profile, most of those would have been fixed had one included my local/usr.bin.firefox rules into the main profile as shipped by the package. I try to keep the local rules up to date in LP: #1533232, hoping that someone will include them in the main profile someday :) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1659922 Title: Firefox 51.0.1 does not display pages/shows blank pages. Status in firefox package in Ubuntu: Triaged Bug description: Firefox 51.0.1 после обновления в Ubuntu 16.04 x32 не отображает содержимое сайтов. Т. е. сайты загружаются, но не отображаются. Отображается только стартовая страница. Придурки, чего вы там накомпилировали и слили в майнстрим? Давайте, исправляйте! [Firefox 51.0.1 after upgrading to Ubuntu 16.04 x32 does not display the contents of the sites. Websites are loaded but not displayed. Displays only the home page.] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659922/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1553762] Re: usr.bin.firefox apparmor profile blocks access to UPower
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1553762 Title: usr.bin.firefox apparmor profile blocks access to UPower Status in firefox package in Ubuntu: New Bug description: When I launch Firefox with apparmor enabled, I get the following error: Mar 6 17:30:59 tigreraye kernel: [13763.668517] audit: type=1107 audit(1457281859.573:91): pid=1073 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/UPower" interface="org.freedesktop.UPower" member="EnumerateDevices" mask="send" name="org.freedesktop.UPower" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4196 peer_label="unconfined" Adding the following line to the apparmor profile fixes the issue: dbus send bus=system path="/org/freedesktop/UPower" interface="org.freedesktop.UPower" member="EnumerateDevices", To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1553762/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1495248] Re: usr.bin.firefox blocks /dev/shm
@Jean-Philippe, I use the Firefox profile extensively with some additional local/ rules (LP: #1533232) but I never ran into a situation where Firefox needed to access /dev/shm. Could you double check if you still have those denial on a fully updated system? Thanks -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1495248 Title: usr.bin.firefox blocks /dev/shm Status in firefox package in Ubuntu: Confirmed Bug description: When apparmor is activated for Firefox, I get the following log messages: [28547.841769] audit: type=1400 audit(1442154214.608:109): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/shmfd-mSnoHU" pid=7425 comm ="firefox" requested_mask="c" denied_mask="c" fsuid= ouid= Both /run/shm/shmfd-* and /var/run/shm/shmfd-* are allowed, but not /dev/shm/shmfd-*. Changing : owner /{,var/}run/shm/shmfd-* rw, To: owner /{dev,{,var/}run}/shm/shmfd-* rw, seems to fix the issue. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1495248/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1553763] Re: usr.bin.firefox apparmor profile blocks access to VFS services
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1553763 Title: usr.bin.firefox apparmor profile blocks access to VFS services Status in firefox package in Ubuntu: New Bug description: When I launch Firefox with apparmor enabled, I get the following errors: Mar 6 17:31:04 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon" member="ListMonitorImplementations" mask="send" name=":1.43" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4206 peer_label="unconfined" Mar 6 17:31:13 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/metadata" interface="org.gtk.vfs.Metadata" member="Set" mask="send" name=":1.100" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4437 peer_label="unconfined" Adding the following lines to the apparmor profile fixes the issue: dbus send bus=session path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon" member="ListMonitorImplementations", dbus send bus=session path="/org/gtk/vfs/metadata" interface="org.gtk.vfs.Metadata" member="Set", To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1553763/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1553711] Re: usr.bin.firefox apparmor profile block access to ICE sockets
Fixed by apparmor 2.10.95 that was backported to Trusty. ** Changed in: firefox (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1553711 Title: usr.bin.firefox apparmor profile block access to ICE sockets Status in firefox package in Ubuntu: Fix Released Bug description: When I launch Firefox with apparmor enabled, I get the following error: Mar 6 11:03:26 tigreraye kernel: [87610.428337] audit: type=1400 audit(1457258606.891:190): apparmor="DENIED" operation="connect" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=11860 comm="firefox" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr="@/tmp/.ICE-unix/4748" peer="unconfined" Adding the following lines to the apparmor profile fixes the issue: unix (send, receive, connect) type=stream peer=(addr="@/tmp/.ICE- unix/[0-9]*"), To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1553711/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1435952] Re: Firefox apparmor profile generates DENY messages in logs
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 @Frank, the vfs mounttracker missing rules are covered in LP: #1533232 The .ICE-unix socket ones are now fixed at least in Xenial as the proper rule was added to abstractions/X ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1435952 Title: Firefox apparmor profile generates DENY messages in logs Status in firefox package in Ubuntu: New Bug description: When used with apparmor profile enforced, firefox will generate some DENY logs. Some operations should be either allowed, or explicitely denied to avoid logging. Luckily, these messages only happen on firefox startup, so they don't flood the log. 1) vfs mounttracker apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker" member="ListMountableInfo" mask="send" name=":1.5" pid=3550 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=3039 peer_label="unconfined" 2) .ICE-unix socket (?) apparmor="DENIED" operation="connect" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=7383 comm="firefox" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr="@/tmp /.ICE-unix/3092" peer="unconfined" It does not seem to have any impact, but maybe it's will in a use case that's not mine... ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: firefox 36.0.1+build2-0ubuntu1 ProcVersionSignature: Ubuntu 3.19.0-10.10-generic 3.19.2 Uname: Linux 3.19.0-10-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.16.2-0ubuntu4 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: franck 3208 F pulseaudio BuildID: 20150306140302 Channel: Unavailable CurrentDesktop: Unity Date: Tue Mar 24 17:05:00 2015 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2014-12-13 (100 days ago) InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1) IpRoute: default via 10.0.0.1 dev eth0 proto static metric 1024 10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.75 192.168.111.0/24 dev wlan0 proto kernel scope link src 192.168.111.8 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 Locales: extensions.sqlite corrupt or missing Plugins: IcedTea-Web Plugin (using IcedTea-Web 1.5.2 (1.5.2-1ubuntu2)) - /usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/IcedTeaPlugin.so (icedtea-7-plugin) iTunes Application Detector - /usr/lib/mozilla/plugins/librhythmbox-itms-detection-plugin.so (rhythmbox-mozilla) PrefSources: prefs.js [Profile]/extensions/superst...@enjoyfreeware.org/defaults/preferences/defaults.js Profiles: Profile0 (Default) - LastVersion=36.0.1/20150306140302 (In use) RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/14/2014 dmi.bios.vendor: LENOVO dmi.bios.version: G7ETA0WW (2.60 ) dmi.board.asset.tag: Not Available dmi.board.name: 2353CTO dmi.board.vendor: LENOVO dmi.board.version: Not Defined dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvrG7ETA0WW(2.60):bd05/14/2014:svnLENOVO:pn2353CTO:pvrThinkPadT430s:rvnLENOVO:rn2353CTO:rvrNotDefined:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2353CTO dmi.product.version: ThinkPad T430s dmi.sys.vendor: LENOVO http_proxy: http://localhost:8118/ no_proxy: localhost,127.0.0.0/8,::1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1435952/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1542663] Re: apparmor profile seems to be denying legitimate action
*** This bug is a duplicate of bug 1533232 *** https://bugs.launchpad.net/bugs/1533232 ** This bug has been marked a duplicate of bug 1533232 missing many apparmor rules on Xenial -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1542663 Title: apparmor profile seems to be denying legitimate action Status in firefox package in Ubuntu: New Bug description: Not sure if this is something that firefox should be doing, but the following three events are in my /var/log/syslog corresponding to approximately the time I started Firefox: Feb 6 09:42:35 REDACTED dbus[2387]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/ScreenSaver" interface="org.freedesktop.ScreenSaver" member="Inhibit" mask="send" name="org.freedesktop.ScreenSaver" pid=3395 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=2526 peer_label="unconfined" Feb 6 09:42:35 REDACTED dbus[2387]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gnome/SessionManager" interface="org.gnome.SessionManager" member="Inhibit" mask="send" name="org.gnome.SessionManager" pid=3395 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=2538 peer_label="unconfined" Feb 6 09:45:35 REDACTED dbus[2387]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon" member="ListMonitorImplementations" mask="send" name=":1.4" pid=5849 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=2427 peer_label="unconfined" ProblemType: Bug DistroRelease: Ubuntu 15.10 Package: firefox 44.0+build3-0ubuntu0.15.10.1 ProcVersionSignature: Ubuntu 4.2.0-27.32-generic 4.2.8-ckt1 Uname: Linux 4.2.0-27-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.1-0ubuntu5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: ian2627 F...m pulseaudio /dev/snd/controlC0: ian2627 F pulseaudio BuildID: 20160125133541 Channel: Unavailable CurrentDesktop: Unity Date: Sat Feb 6 09:44:15 2016 EcryptfsInUse: Yes Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) InstallationDate: Installed on 2015-11-13 (85 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021) IpRoute: default via 192.168.88.1 dev enp0s8 proto static metric 100 10.0.3.0/24 dev lxcbr0 proto kernel scope link src 10.0.3.1 169.254.0.0/16 dev lxcbr0 scope link metric 1000 192.168.88.0/24 dev enp0s8 proto kernel scope link src 192.168.88.181 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 Locales: extensions.sqlite corrupt or missing PciNetwork: PrefSources: prefs.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=44.0/20160125133541 (In use) RfKill: RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/15/2006 dmi.bios.vendor: Phoenix Technologies, LTD dmi.bios.version: ASUS M2N-SLI DELUXE ACPI BIOS Revision 0202 dmi.board.name: M2N-SLI DELUXE dmi.board.vendor: ASUSTeK Computer INC. dmi.board.version: 1.XX dmi.chassis.asset.tag: 123456789000 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnPhoenixTechnologies,LTD:bvrASUSM2N-SLIDELUXEACPIBIOSRevision0202:bd05/15/2006:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnM2N-SLIDELUXE:rvr1.XX:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.name: System Product Name dmi.product.version: System Version dmi.sys.vendor: System manufacturer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1542663/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1533232] Re: missing many apparmor rules on Xenial
** Attachment removed: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4782501/+files/usr.bin.firefox ** Attachment added: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4811453/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1533232 Title: missing many apparmor rules on Xenial Status in firefox package in Ubuntu: Confirmed Bug description: I've been accumulating many rules in my /etc/apparmor.d/local/usr.bin.firefox. It's been a few days since I didn't add any so it's time to report about my local additions. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 43.0.4+build3-0ubuntu1 ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3 Uname: Linux 4.3.0-5-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.3-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 16762 F...m pulseaudio /dev/snd/controlC0: simon 16762 F pulseaudio BuildID: 20160106234842 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Tue Jan 12 09:04:59 2016 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js [Profile]/extensions/dns...@nic.cz/defaults/preferences/dnssec.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=43.0.4/20160106234842 (In use) RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/14/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 6IET85WW (1.45 ) dmi.board.name: 2516CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr6IET85WW(1.45):bd02/14/2013:svnLENOVO:pn2516CTO:pvrThinkPadT410:rvnLENOVO:rn2516CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2516CTO dmi.product.version: ThinkPad T410 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1659922] Re: Firefox 51.0.1 does not display pages/shows blank pages.
For a long while, I've been using this local include file with success on Xenial 16.04. To make use of it, download the "local/usr.bin.firefox" file to /tmp and do: sudo cp /tmp/usr.bin.firefox /etc/apparmor.d/local/usr.bin.firefox sudo apparmor_parser -r -T -W /etc/apparmor.d/usr.bin.firefox Then restart your Firefox. ** Attachment added: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659922/+attachment/4811451/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1659922 Title: Firefox 51.0.1 does not display pages/shows blank pages. Status in firefox package in Ubuntu: Triaged Bug description: Firefox 51.0.1 после обновления в Ubuntu 16.04 x32 не отображает содержимое сайтов. Т. е. сайты загружаются, но не отображаются. Отображается только стартовая страница. Придурки, чего вы там накомпилировали и слили в майнстрим? Давайте, исправляйте! [Firefox 51.0.1 after upgrading to Ubuntu 16.04 x32 does not display the contents of the sites. Websites are loaded but not displayed. Displays only the home page.] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659922/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1533232] Re: missing many apparmor rules on Xenial
** Attachment removed: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4782500/+files/usr.bin.firefox ** Attachment added: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4782501/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1533232 Title: missing many apparmor rules on Xenial Status in firefox package in Ubuntu: New Bug description: I've been accumulating many rules in my /etc/apparmor.d/local/usr.bin.firefox. It's been a few days since I didn't add any so it's time to report about my local additions. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 43.0.4+build3-0ubuntu1 ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3 Uname: Linux 4.3.0-5-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.3-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 16762 F...m pulseaudio /dev/snd/controlC0: simon 16762 F pulseaudio BuildID: 20160106234842 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Tue Jan 12 09:04:59 2016 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js [Profile]/extensions/dns...@nic.cz/defaults/preferences/dnssec.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=43.0.4/20160106234842 (In use) RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/14/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 6IET85WW (1.45 ) dmi.board.name: 2516CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr6IET85WW(1.45):bd02/14/2013:svnLENOVO:pn2516CTO:pvrThinkPadT410:rvnLENOVO:rn2516CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2516CTO dmi.product.version: ThinkPad T410 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1533232] Re: missing many apparmor rules on Xenial
** Attachment removed: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4782466/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1533232 Title: missing many apparmor rules on Xenial Status in firefox package in Ubuntu: New Bug description: I've been accumulating many rules in my /etc/apparmor.d/local/usr.bin.firefox. It's been a few days since I didn't add any so it's time to report about my local additions. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 43.0.4+build3-0ubuntu1 ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3 Uname: Linux 4.3.0-5-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.3-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 16762 F...m pulseaudio /dev/snd/controlC0: simon 16762 F pulseaudio BuildID: 20160106234842 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Tue Jan 12 09:04:59 2016 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js [Profile]/extensions/dns...@nic.cz/defaults/preferences/dnssec.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=43.0.4/20160106234842 (In use) RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/14/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 6IET85WW (1.45 ) dmi.board.name: 2516CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr6IET85WW(1.45):bd02/14/2013:svnLENOVO:pn2516CTO:pvrThinkPadT410:rvnLENOVO:rn2516CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2516CTO dmi.product.version: ThinkPad T410 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1533232] Re: missing many apparmor rules on Xenial
** Attachment added: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4782500/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1533232 Title: missing many apparmor rules on Xenial Status in firefox package in Ubuntu: New Bug description: I've been accumulating many rules in my /etc/apparmor.d/local/usr.bin.firefox. It's been a few days since I didn't add any so it's time to report about my local additions. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 43.0.4+build3-0ubuntu1 ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3 Uname: Linux 4.3.0-5-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.3-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 16762 F...m pulseaudio /dev/snd/controlC0: simon 16762 F pulseaudio BuildID: 20160106234842 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Tue Jan 12 09:04:59 2016 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js [Profile]/extensions/dns...@nic.cz/defaults/preferences/dnssec.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=43.0.4/20160106234842 (In use) RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/14/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 6IET85WW (1.45 ) dmi.board.name: 2516CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr6IET85WW(1.45):bd02/14/2013:svnLENOVO:pn2516CTO:pvrThinkPadT410:rvnLENOVO:rn2516CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2516CTO dmi.product.version: ThinkPad T410 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1533232] Re: missing many apparmor rules on Xenial
I'm attaching my refreshed local include. ** Attachment removed: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4548596/+files/local-usr.bin.firefox ** Attachment added: "local/usr.bin.firefox" https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+attachment/4782466/+files/usr.bin.firefox -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1533232 Title: missing many apparmor rules on Xenial Status in firefox package in Ubuntu: New Bug description: I've been accumulating many rules in my /etc/apparmor.d/local/usr.bin.firefox. It's been a few days since I didn't add any so it's time to report about my local additions. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: firefox 43.0.4+build3-0ubuntu1 ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3 Uname: Linux 4.3.0-5-generic x86_64 AddonCompatCheckDisabled: False ApportVersion: 2.19.3-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/pcmC0D0p: simon 16762 F...m pulseaudio /dev/snd/controlC0: simon 16762 F pulseaudio BuildID: 20160106234842 Channel: Unavailable CurrentDesktop: Unity CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted Date: Tue Jan 12 09:04:59 2016 Extensions: extensions.sqlite corrupt or missing ForcedLayersAccel: False IncompatibleExtensions: Unavailable (corrupt or non-existant compatibility.ini or extensions.sqlite) Locales: extensions.sqlite corrupt or missing PrefSources: prefs.js [Profile]/extensions/dns...@nic.cz/defaults/preferences/dnssec.js [Profile]/extensions/https-everywhere-...@eff.org/defaults/preferences/preferences.js Profiles: Profile0 (Default) - LastVersion=43.0.4/20160106234842 (In use) RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no RunningIncompatibleAddons: False SourcePackage: firefox Themes: extensions.sqlite corrupt or missing UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/14/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 6IET85WW (1.45 ) dmi.board.name: 2516CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr6IET85WW(1.45):bd02/14/2013:svnLENOVO:pn2516CTO:pvrThinkPadT410:rvnLENOVO:rn2516CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2516CTO dmi.product.version: ThinkPad T410 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1533232/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1643901] Re: flxdec security update tracking bug
Marc, I'm assuming this is related to this https://scarybeastsecurity.blogspot.ca/2016/11/0day-exploit-advancing- exploitation.html, right? Like the author, I question the upstream decision to include FLIC support in the "good" set. Would it be possible to move that plugin to the "bad" or the "ugly" set since it's presumably a very rarely used format? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gst-plugins-good0.10 in Ubuntu. https://bugs.launchpad.net/bugs/1643901 Title: flxdec security update tracking bug Status in gst-plugins-good0.10 package in Ubuntu: Invalid Status in gst-plugins-good1.0 package in Ubuntu: Confirmed Status in gst-plugins-good0.10 source package in Precise: In Progress Status in gst-plugins-good1.0 source package in Precise: Invalid Status in gst-plugins-good0.10 source package in Trusty: In Progress Status in gst-plugins-good1.0 source package in Trusty: In Progress Status in gst-plugins-good0.10 source package in Xenial: In Progress Status in gst-plugins-good1.0 source package in Xenial: In Progress Status in gst-plugins-good0.10 source package in Yakkety: Invalid Status in gst-plugins-good1.0 source package in Yakkety: In Progress Status in gst-plugins-good0.10 source package in Zesty: Invalid Status in gst-plugins-good1.0 source package in Zesty: Confirmed Bug description: This bug is to track the security update to fix the flxdec out-of- bounds write. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gst-plugins-good0.10/+bug/1643901/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1568829] Re: nm-applet icon not showing when /proc is mounted with hidepid!=0
Thanks Aron and Sebastien, I can confirm that version 1.2.2-0ubuntu0.16.04.1 from xenial-proposed fixes the problem. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1568829 Title: nm-applet icon not showing when /proc is mounted with hidepid!=0 Status in Network Manager Applet: Fix Released Status in network-manager package in Ubuntu: Fix Released Status in network-manager source package in Xenial: Fix Committed Bug description: Steps to reproduce: 1. (Re-)mount /proc with hidepid=1 (or =2) 2. Restart nm-applet nm-applet's icon does not reappear after the restart. This used to work with version 1.0. Original bug description: Since I upgraded to -proposed network-manager and network-manager-gnome versions, nm-applet no longer works. Manually starting it on a console give: $ nm-applet (nm-applet:6250): nm-applet-WARNING **: GDBus.Error:org.freedesktop.NetworkManager.AgentManager.PermissionDenied: Unable to determine request sender and UID. (nm-applet:6250): libnm-CRITICAL **: nm_client_get_nm_running: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_state: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_networking_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_devices: assertion 'NM_IS_CLIENT (client)' failed What's odd is the NM and NM-gnome base versions are not identical: $ apt-cache policy network-manager network-manager-gnome network-manager: Installed: 1.1.93-0ubuntu1 Candidate: 1.1.93-0ubuntu1 Version table: *** 1.1.93-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.4-0ubuntu10 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages network-manager-gnome: Installed: 1.1.93-1ubuntu1 Candidate: 1.1.93-1ubuntu1 Version table: *** 1.1.93-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.10-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: network-manager-gnome 1.1.93-1ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 11 08:16:59 2016 NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no SourcePackage: network-manager-applet UpgradeStatus: No upgrade log present (probably fresh install) nmcli-con: Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: (process:7301): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-dev: Error: command ['nmcli', '-f', 'all', 'dev'] failed with exit code 1: (process:7297): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'. To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager-applet/+bug/1568829/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1568829] Re: nm-applet icon not showing when /proc is mounted with hidepid!=0
The upstream patch was included in NM 1.2.2 so Yakkety is not affected, only Xenial is. The attached debdiff contains the upstream patch backported to Xenial. The resulting package resolve the issue. If anything is missing for the SRU process, please let me know. ** Patch added: "lp1568829.debdiff" https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1568829/+attachment/4715531/+files/lp1568829.debdiff -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager-applet in Ubuntu. https://bugs.launchpad.net/bugs/1568829 Title: nm-applet icon not showing when /proc is mounted with hidepid!=0 Status in Network Manager Applet: New Status in network-manager-applet package in Ubuntu: Confirmed Bug description: Steps to reproduce: 1. (Re-)mount /proc with hidepid=1 (or =2) 2. Restart nm-applet nm-applet's icon does not reappear after the restart. This used to work with version 1.0. Original bug description: Since I upgraded to -proposed network-manager and network-manager-gnome versions, nm-applet no longer works. Manually starting it on a console give: $ nm-applet (nm-applet:6250): nm-applet-WARNING **: GDBus.Error:org.freedesktop.NetworkManager.AgentManager.PermissionDenied: Unable to determine request sender and UID. (nm-applet:6250): libnm-CRITICAL **: nm_client_get_nm_running: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_state: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_networking_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_devices: assertion 'NM_IS_CLIENT (client)' failed What's odd is the NM and NM-gnome base versions are not identical: $ apt-cache policy network-manager network-manager-gnome network-manager: Installed: 1.1.93-0ubuntu1 Candidate: 1.1.93-0ubuntu1 Version table: *** 1.1.93-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.4-0ubuntu10 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages network-manager-gnome: Installed: 1.1.93-1ubuntu1 Candidate: 1.1.93-1ubuntu1 Version table: *** 1.1.93-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.10-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: network-manager-gnome 1.1.93-1ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 11 08:16:59 2016 NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no SourcePackage: network-manager-applet UpgradeStatus: No upgrade log present (probably fresh install) nmcli-con: Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: (process:7301): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-dev: Error: command ['nmcli', '-f', 'all', 'dev'] failed with exit code 1: (process:7297): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'. To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager-applet/+bug/1568829/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1568829] Re: nm-applet icon not showing when /proc is mounted with hidepid!=0
This was fixed upstream: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=3d505b3f87c9cb9bfdc9b9a1fc67f57330701d03 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager-applet in Ubuntu. https://bugs.launchpad.net/bugs/1568829 Title: nm-applet icon not showing when /proc is mounted with hidepid!=0 Status in Network Manager Applet: New Status in network-manager-applet package in Ubuntu: Confirmed Bug description: Steps to reproduce: 1. (Re-)mount /proc with hidepid=1 (or =2) 2. Restart nm-applet nm-applet's icon does not reappear after the restart. This used to work with version 1.0. Original bug description: Since I upgraded to -proposed network-manager and network-manager-gnome versions, nm-applet no longer works. Manually starting it on a console give: $ nm-applet (nm-applet:6250): nm-applet-WARNING **: GDBus.Error:org.freedesktop.NetworkManager.AgentManager.PermissionDenied: Unable to determine request sender and UID. (nm-applet:6250): libnm-CRITICAL **: nm_client_get_nm_running: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_state: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_networking_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_devices: assertion 'NM_IS_CLIENT (client)' failed What's odd is the NM and NM-gnome base versions are not identical: $ apt-cache policy network-manager network-manager-gnome network-manager: Installed: 1.1.93-0ubuntu1 Candidate: 1.1.93-0ubuntu1 Version table: *** 1.1.93-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.4-0ubuntu10 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages network-manager-gnome: Installed: 1.1.93-1ubuntu1 Candidate: 1.1.93-1ubuntu1 Version table: *** 1.1.93-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.10-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: network-manager-gnome 1.1.93-1ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 11 08:16:59 2016 NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no SourcePackage: network-manager-applet UpgradeStatus: No upgrade log present (probably fresh install) nmcli-con: Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: (process:7301): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-dev: Error: command ['nmcli', '-f', 'all', 'dev'] failed with exit code 1: (process:7297): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'. To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager-applet/+bug/1568829/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1568829] Re: nm-applet icon not showing when /proc is mounted with hidepid!=0
Thanks Alberto. https://bugzilla.gnome.org/show_bug.cgi?id=769324 ** Description changed: + Steps to reproduce: + + 1. (Re-)mount /proc with hidepid=1 (or =2) + 2. Restart nm-applet + + nm-applet's icon does not reappear after the restart. This used to work + with version 1.0. + + + Original bug description: + Since I upgraded to -proposed network-manager and network-manager-gnome versions, nm-applet no longer works. Manually starting it on a console give: $ nm-applet (nm-applet:6250): nm-applet-WARNING **: GDBus.Error:org.freedesktop.NetworkManager.AgentManager.PermissionDenied: Unable to determine request sender and UID. (nm-applet:6250): libnm-CRITICAL **: nm_client_get_nm_running: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_state: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_networking_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_devices: assertion 'NM_IS_CLIENT (client)' failed - What's odd is the NM and NM-gnome base versions are not identical: $ apt-cache policy network-manager network-manager-gnome network-manager: - Installed: 1.1.93-0ubuntu1 - Candidate: 1.1.93-0ubuntu1 - Version table: - *** 1.1.93-0ubuntu1 500 - 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages - 100 /var/lib/dpkg/status - 1.0.4-0ubuntu10 500 - 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages + Installed: 1.1.93-0ubuntu1 + Candidate: 1.1.93-0ubuntu1 + Version table: + *** 1.1.93-0ubuntu1 500 + 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages + 100 /var/lib/dpkg/status + 1.0.4-0ubuntu10 500 + 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages network-manager-gnome: - Installed: 1.1.93-1ubuntu1 - Candidate: 1.1.93-1ubuntu1 - Version table: - *** 1.1.93-1ubuntu1 500 - 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages - 100 /var/lib/dpkg/status - 1.0.10-1ubuntu1 500 - 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages + Installed: 1.1.93-1ubuntu1 + Candidate: 1.1.93-1ubuntu1 + Version table: + *** 1.1.93-1ubuntu1 500 + 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages + 100 /var/lib/dpkg/status + 1.0.10-1ubuntu1 500 + 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: network-manager-gnome 1.1.93-1ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 11 08:16:59 2016 NetworkManager.state: - [main] - NetworkingEnabled=true - WirelessEnabled=true - WWANEnabled=true - WimaxEnabled=true + [main] + NetworkingEnabled=true + WirelessEnabled=true + WWANEnabled=true + WimaxEnabled=true RfKill: - 0: phy0: Wireless LAN - Soft blocked: no - Hard blocked: no + 0: phy0: Wireless LAN + Soft blocked: no + Hard blocked: no SourcePackage: network-manager-applet UpgradeStatus: No upgrade log present (probably fresh install) nmcli-con: - Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: - (process:7301): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. + Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: + (process:7301): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-dev: - Error: command ['nmcli', '-f', 'all', 'dev'] failed with exit code 1: - (process:7297): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. + Error: command ['nmcli', '-f', 'all', 'dev'] failed with exit code 1: + (process:7297): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'. ** Bug watch added: GNOME Bug Tracker #769324 https://bugzilla.gnome.org/show_bug.cgi?id=769324 ** Changed in: network-manager-applet (Ubuntu) Status: Incomplete => Confirmed -- You received
[Desktop-packages] [Bug 1568829] Re: nm-applet icon not showing when /proc is mounted with hidepid!=0
** Summary changed: - nm-applet icon not showing + nm-applet icon not showing when /proc is mounted with hidepid!=0 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager-applet in Ubuntu. https://bugs.launchpad.net/bugs/1568829 Title: nm-applet icon not showing when /proc is mounted with hidepid!=0 Status in Network Manager Applet: New Status in network-manager-applet package in Ubuntu: Incomplete Bug description: Since I upgraded to -proposed network-manager and network-manager-gnome versions, nm-applet no longer works. Manually starting it on a console give: $ nm-applet (nm-applet:6250): nm-applet-WARNING **: GDBus.Error:org.freedesktop.NetworkManager.AgentManager.PermissionDenied: Unable to determine request sender and UID. (nm-applet:6250): libnm-CRITICAL **: nm_client_get_nm_running: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_state: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_networking_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wireless_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_wwan_hardware_get_enabled: assertion 'NM_IS_CLIENT (client)' failed (nm-applet:6250): libnm-CRITICAL **: nm_client_get_devices: assertion 'NM_IS_CLIENT (client)' failed What's odd is the NM and NM-gnome base versions are not identical: $ apt-cache policy network-manager network-manager-gnome network-manager: Installed: 1.1.93-0ubuntu1 Candidate: 1.1.93-0ubuntu1 Version table: *** 1.1.93-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.4-0ubuntu10 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages network-manager-gnome: Installed: 1.1.93-1ubuntu1 Candidate: 1.1.93-1ubuntu1 Version table: *** 1.1.93-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.10-1ubuntu1 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: network-manager-gnome 1.1.93-1ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 11 08:16:59 2016 NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no SourcePackage: network-manager-applet UpgradeStatus: No upgrade log present (probably fresh install) nmcli-con: Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: (process:7301): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-dev: Error: command ['nmcli', '-f', 'all', 'dev'] failed with exit code 1: (process:7297): nmcli-CRITICAL **: Error: Could not create NMClient object: Unable to authenticate request.. nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'. To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager-applet/+bug/1568829/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1519120] Re: Xenial: VLAN interfaces don't work until after a reboot
This is similar to LP: #1541678 which has a simpler and more generic patch. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1519120 Title: Xenial: VLAN interfaces don't work until after a reboot Status in network-manager package in Ubuntu: Confirmed Status in vlan package in Ubuntu: New Bug description: I tried to use the network manager UI to define a VLAN interface, and nothing happened. There are a few bugs here: (1) When creating a VLAN interface through the UI, the "vlan interface name" must be filled in. This should just default to ., rather than being a required field. (I typed in "vlan100" to get the "Save" button to activate.) (2) After creating my VLAN interface, nothing happened. No new interface appeared. I then realized that I had not installed the "vlan" package, and assumed that NetworkManager therefore could not complete configuration of the interface. (3) After installing the 'vlan' package (and then telling NetworkManager to disconnect and reconnect my Ethernet interface from the UI, just for good measure), still no VLAN interfaces were present on my system. I also tried editing the VLAN interface in the UI, and specifying "enp4s0f1.100", but still no VLAN interface came online. # apt-cache policy network-manager network-manager: Installed: 1.0.4-0ubuntu6 Candidate: 1.0.4-0ubuntu6 Version table: *** 1.0.4-0ubuntu6 0 500 http://172.16.42.88/ubuntu/ xenial/main amd64 Packages 100 /var/lib/dpkg/status # apt-cache policy vlan vlan: Installed: 1.9-3.2ubuntu1 Candidate: 1.9-3.2ubuntu1 Version table: *** 1.9-3.2ubuntu1 0 500 http://172.16.42.88/ubuntu/ xenial/main amd64 Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1519120/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1327477] Re: dnsmasq not using all DHCPv6 provided nameservers
Simon's patch [1] was included in version 2.72 (Vivid and later). Marking as fix released. 1: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=006c162382aaa30f63413b876ecbe805280c3d36 ** Changed in: dnsmasq (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1327477 Title: dnsmasq not using all DHCPv6 provided nameservers Status in dnsmasq package in Ubuntu: Fix Released Status in network-manager package in Ubuntu: Invalid Bug description: When receiving nameservers from a DHCPv6 server, NetworkManager reports receiving both my primary and secondary servers, but only advises dnsmasq about the secondary. Jun 6 13:59:29 daedalus dhclient: XMT: Info-Request on eth0, interval 910ms. Jun 6 13:59:29 daedalus dhclient: RCV: Reply message on eth0 from fe80::221:85ff:fe10:7749. Jun 6 13:59:29 daedalus NetworkManager[22306]: (eth0): DHCPv6 state changed nbi -> renew6 Jun 6 13:59:29 daedalus NetworkManager[22306]:nameserver '2001:470:8:64f::4' Jun 6 13:59:29 daedalus NetworkManager[22306]:nameserver '2001:470:8:64f:21b:fcff:fe43:bcff' Jun 6 13:59:29 daedalus NetworkManager[22306]:domain search 'home.nivex.net.' Jun 6 13:59:29 daedalus NetworkManager[22306]: Activation (eth0) Stage 5 of 5 (IPv6 Commit) scheduled... Jun 6 13:59:29 daedalus NetworkManager[22306]: (eth0): DHCPv6 client pid 22638 exited with status 0 Jun 6 13:59:29 daedalus NetworkManager[22306]: Activation (eth0) Stage 5 of 5 (IPv6 Commit) started... Jun 6 13:59:29 daedalus avahi-daemon[991]: Registering new address record for 2001:470:8:64f:dcf5:dd0f:11f5:b6ed on eth0.*. Jun 6 13:59:30 daedalus NetworkManager[22306]: (eth0): device state change: ip-config -> secondaries (reason 'none') [70 90 0] Jun 6 13:59:30 daedalus NetworkManager[22306]: Activation (eth0) Stage 5 of 5 (IPv6 Commit) complete. Jun 6 13:59:30 daedalus NetworkManager[22306]: (eth0): device state change: secondaries -> activated (reason 'none') [90 100 0] Jun 6 13:59:30 daedalus NetworkManager[22306]: NetworkManager state is now CONNECTED_GLOBAL Jun 6 13:59:30 daedalus NetworkManager[22306]: Policy set 'Ethernet connection 1' (eth0) as default for IPv6 routing and DNS. Jun 6 13:59:30 daedalus NetworkManager[22306]: Writing DNS information to /sbin/resolvconf Jun 6 13:59:30 daedalus dnsmasq[22603]: setting upstream servers from DBus Jun 6 13:59:30 daedalus dnsmasq[22603]: using nameserver 2001:470:8:64f:21b:fcff:fe43:bcff#53 Jun 6 13:59:30 daedalus NetworkManager[22306]: Activation (eth0) successful, device activated. I noticed this during the Turn IPv4 Off Day (http://www.internetsociety.org/deploy360/blog/2013/12/campaign-turn- off-ipv4-on-6-june-2014-for-one-day/) shakedown because my secondary was not configured to recurse over IPv6, resulting in an inability to resolve anything. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: network-manager 0.9.8.8-0ubuntu7 ProcVersionSignature: Ubuntu 3.13.0-27.50-generic 3.13.11 Uname: Linux 3.13.0-27-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.2 Architecture: amd64 CurrentDesktop: XFCE Date: Fri Jun 6 23:18:49 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2011-12-09 (910 days ago) InstallationMedia: Xubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012) IpRoute: default via 172.31.3.1 dev eth0 proto static 172.31.3.0/24 dev eth0 proto kernel scope link src 172.31.3.11 metric 1 NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: yes SourcePackage: network-manager UpgradeStatus: Upgraded to trusty on 2014-04-20 (47 days ago) nmcli-dev: DEVICE TYPE STATE DBUS-PATH wlan0 802-11-wireless unavailable /org/freedesktop/NetworkManager/Devices/1 eth0 802-3-ethernetconnected /org/freedesktop/NetworkManager/Devices/0 nmcli-nm: RUNNING VERSIONSTATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN running 0.9.8.8connected enabled disabled disabled enabled disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1327477/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp