[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2020-04-07 Thread Launchpad Bug Tracker
This bug was fixed in the package apparmor - 2.13.3-7ubuntu4

---
apparmor (2.13.3-7ubuntu4) focal; urgency=medium

  * debian/apparmor.service: add /var/lib/snapd/apparmor/profiles to
RequiresMountsFor since Ubuntu's rc.apparmor.functions looks for it
(LP: #1871148)
  * libnss-systemd.patch: allow accessing the libnss-systemd VarLink sockets
and DBus APIs. Patch partially based on work by Simon Deziel.
(LP: #1796911, LP: #1869024)
  * upstream-mr-424-kerberos-dot-dirs.patch: abstractions/kerberosclient:
allow reading /etc/krb5.conf.d/
  * upstream-mr-442-gnome-user-themes.patch: gnome abstraction: allow reading
per-user themes from $XDG_DATA_HOME (Closes: #930031)
  * upstream-mr-443-ecryptfs-dirs.patch: abstractions/base: allow read access
to top-level ecryptfs directories (LP: #1848919)
  * upstream-mr-445-uuidd-request.patch: abstractions/base: allow read access
to /run/uuidd/request
  * upstream-mr-464-Mesa_i915_perf_interface.patch: let Mesa check if the
kernel supports the i915 perf interface. Patch from Debian

 -- Jamie Strandboge   Mon, 06 Apr 2020 17:47:20 +

** Changed in: apparmor (Ubuntu)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in AppArmor:
  Fix Released
Status in snapd:
  Fix Released
Status in apparmor package in Ubuntu:
  Fix Released
Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  Fix Released

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2020-04-06 Thread Jamie Strandboge
** Changed in: snapd
   Status: In Progress => Fix Released

** Changed in: snapd (Ubuntu)
   Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in AppArmor:
  Fix Released
Status in snapd:
  Fix Released
Status in apparmor package in Ubuntu:
  In Progress
Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  Fix Released

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2020-04-06 Thread Jamie Strandboge
** Changed in: apparmor
   Status: In Progress => Fix Released

** Also affects: apparmor (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: apparmor (Ubuntu)
   Importance: Undecided => Medium

** Changed in: apparmor (Ubuntu)
   Status: New => In Progress

** Changed in: apparmor (Ubuntu)
 Assignee: (unassigned) => Jamie Strandboge (jdstrand)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in AppArmor:
  Fix Released
Status in snapd:
  In Progress
Status in apparmor package in Ubuntu:
  In Progress
Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  Triaged

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-12-17 Thread Jamie Strandboge
** Changed in: apparmor
   Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in AppArmor:
  In Progress
Status in snapd:
  In Progress
Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  Triaged

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-11-26 Thread Jamie Strandboge
https://github.com/snapcore/snapd/pull/7779

** Also affects: snapd
   Importance: Undecided
   Status: New

** Changed in: snapd (Ubuntu)
 Assignee: Jamie Strandboge (jdstrand) => (unassigned)

** Changed in: snapd
   Importance: Undecided => Low

** Changed in: snapd
 Assignee: (unassigned) => Jamie Strandboge (jdstrand)

** Changed in: snapd
Milestone: None => 2.42.3

** Changed in: snapd (Ubuntu)
   Status: In Progress => Triaged

** Changed in: snapd
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in AppArmor:
  Triaged
Status in snapd:
  In Progress
Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  Triaged

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-11-22 Thread Jamie Strandboge
** Changed in: snapd (Ubuntu)
   Status: Triaged => In Progress

** Also affects: apparmor
   Importance: Undecided
   Status: New

** Changed in: apparmor
   Status: New => Triaged

** Changed in: apparmor
   Importance: Undecided => Low

** Changed in: apparmor
 Assignee: (unassigned) => Jamie Strandboge (jdstrand)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in AppArmor:
  Triaged
Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  In Progress

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-10-23 Thread Olivier Tilloy
Thanks Jamie.
I'll mark the bug invalid for chromium. Even though chromium is visibly 
affected, the root cause has been identified and is going to be fixed soon.

** Changed in: chromium-browser (Ubuntu)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in chromium-browser package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  Triaged

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-10-23 Thread Jamie Strandboge
Ok, I'll fix this in the next batch of policy updates for snapd.

** Changed in: snapd (Ubuntu)
   Importance: Undecided => Low

** Changed in: snapd (Ubuntu)
   Status: New => Triaged

** Changed in: snapd (Ubuntu)
 Assignee: (unassigned) => Jamie Strandboge (jdstrand)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in chromium-browser package in Ubuntu:
  Confirmed
Status in snapd package in Ubuntu:
  Triaged

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-10-23 Thread Olivier Tilloy
Yes, it is mounted:

ubuntu@bionicvm:~$ mount | grep Private
/home/ubuntu/.Private on /home/ubuntu/Private type ecryptfs 
(rw,nosuid,nodev,relatime,ecryptfs_fnek_sig=11d8701311f9dc77,ecryptfs_sig=4ca5cd476d88b7cd,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in chromium-browser package in Ubuntu:
  Confirmed
Status in snapd package in Ubuntu:
  New

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-10-23 Thread Jamie Strandboge
Ok, that is a read on /home/ubuntu/.Private/. Is the encrypted home
mounted at the time of the denial?

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in chromium-browser package in Ubuntu:
  Confirmed
Status in snapd package in Ubuntu:
  New

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-10-23 Thread Olivier Tilloy
Indeed I can see the rules you mention in
/etc/apparmor.d/abstractions/base, which is included by
/var/lib/snapd/apparmor/profiles/snap.chromium.chromium.

However I can reliably reproduce the issue, and I'm seeing the following
denial:

  AVC apparmor="DENIED" operation="open"
profile="snap.chromium.chromium" name="/home/ubuntu/.Private/" pid=11167
comm="pool" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in chromium-browser package in Ubuntu:
  Confirmed
Status in snapd package in Ubuntu:
  New

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp


[Desktop-packages] [Bug 1848919] Re: [snap] Permission denied on Private encrypted folder

2019-10-23 Thread Jamie Strandboge
Encrypted home is typically setup as ~/.Private, not ~/Private and the
policy already allows:

  owner @{HOME}/.Private/** mrixwlk,
  owner @{HOMEDIRS}/.ecryptfs/*/.Private/** mrixwlk,

The home interface should already allow ~/Private. What is the denial
you see in the logs?

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1848919

Title:
  [snap] Permission denied on Private encrypted folder

Status in chromium-browser package in Ubuntu:
  Confirmed
Status in snapd package in Ubuntu:
  New

Bug description:
  When accessing the Private (/home/username/Private, Encrypted
  Directory) folder (e.g. via "Link save as...") it shows "Could not
  read contents of Private, Error opening directory ...: Permission
  denied"

  Package: chromium-browser
  Version: 77.0.3865.120-0ubuntu1~snap1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1848919/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp