Verification completed in bug 2064672
** Tags removed: verification-needed verification-needed-noble
** Tags added: verification-done verification-done-noble
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs
Ah, so it's not the same issue as the original bug report, it's
something else. Since it's not related to apparmor, I recommend you open
a new bug here in launchpad or upstream
https://gitlab.gnome.org/GNOME/nautilus/-/issues so other people can
help you debug and hopefully fix this issue.
--
You
The main issue is that I still wasn't able to reproduce it locally.
Dan, could you check if this issue still happens with the unprivileged user
namespace restriction disabled?
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
Please note that this makes your setup vulnerable, so I r
Erich Eickmeyer, I don't have a Tuxedo Computer to test, so could you
please check if the following profile works for you?
$ echo "# This profile allows everything and only exists to give the
# application a name instead of having the label "unconfined"
abi ,
include
profile tuxedo-control-cent
This issue should be fixed by apparmor 4.0.0~beta2-0ubuntu3 which is
currently in -proposed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nautilus in Ubuntu.
https://bugs.launchpad.net/bugs/2047256
Title:
Ubuntu 24.04 Some image thum
** Changed in: devhelp (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: devhelp (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
** Changed in: epiphany-browser (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: epiphany-browse
Hi Daniel!
Thanks for testing and making sure. As you were able to figure out, the
AppArmor parser accepts both include and #includes, although we are deprecating
the latter.
Since the AppArmor policy is distributed by the Mozilla Team's firefox,
they need to add this permission to their AppArm
Hi Gerard
Brave does not work currently because we only added support to Chromium,
Firefox and Opera as you can see in the current snap_browsers abstraction [1].
I'm adding Brave support as well [2].
While that change is not applied to the apparmor package, as a workaround, you
could apply the
The autopkgtests for apparmor failed for the evince update because the
test requires the apparmor update which is also in proposed
https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.3 but it is
not a regression.
--
You received this bug notification because you are a member of Desktop
P
Reuploading because I had a conflicting version with what was rejected
in -proposed
** Patch added: "evince_42.3-0ubuntu3.2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5711859/+files/evince_42.3-0ubuntu3.2.debdiff
--
You received this bug notification b
** Patch removed: "evince_42.3-0ubuntu3.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5711419/+files/evince_42.3-0ubuntu3.1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubunt
Hi! You're right, I forgot to request a sponsorship.
I uploaded the patch for evince/jammy, could you take a look and sponsor
if possible? Thanks
** Patch added: "evince_42.3-0ubuntu3.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5711419/+files/evince_42
Andreas, Jeremy, you are correct. The worst that could happen is the
same behavior we have currently: when we click a URL the browser does
not open, we get a denied log and evince prints "Permission denied".
My previous statement that profile loading could fail if apparmor did
not find "snap_brows
I have verified on lunar with both apparmor and evince packages updated
from the proposed pocket, it works as expected.
** Tags removed: verification-needed-lunar
** Tags added: verification-done-lunar
--
You received this bug notification because you are a member of Desktop
Packages, which is s
Steve, the snap_browsers abstractions needed an update because the
abstraction had not been updated in an year and the snap browsers now
required read and lock permissions to the file
/var/lib/snapd/inhibit/{browser-name}.lock, but this was also submitted,
approved and merged upstream:
https://gitl
Hi Steve.
I updated the patches containing the requested changes and uploaded them to
https://launchpad.net/~georgiag/+archive/ubuntu/lp1794064/+packages
Please let me know if you prefer I attached the debdiffs here.
I'm resubscribing ~ubuntu-sponsors. Thanks
** Patch removed: "evince_42.1-3ubun
Hi Daniel. Thanks for the report!
Could you try the following commands and let me know if they fix the
issue?
sudo sh -c "echo 'include ' >>
/etc/apparmor.d/local/usr.bin.firefox"
sudo apparmor_parser -r /etc/apparmor.d/usr.bin.firefox
--
You received this bug notification because you are a me
@Sebastien, yes, I asked people from the security team to sponsor it but
we are still reviewing the snap_browsers abstraction. We are denying
access to /run/user/[0-9]*/gdm/Xauthority in the policy but if that was
the case, then the browser should not have been able to open, but it
does open so we
** Patch added: "apparmor_3.0.3-0ubuntu1.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581882/+files/apparmor_3.0.3-0ubuntu1.1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in U
@Sebastien, yes, just did. Thank you!
I also attached the debdiffs for evince and apparmor for bionic, focal, impish
and jammy. They were also uploaded into the Security Proposed PPA:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages?field.name_filter=apparmor
https://
** Patch added: "apparmor_2.12-4ubuntu5.2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581885/+files/apparmor_2.12-4ubuntu5.2.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubu
** Patch added: "apparmor_2.13.3-7ubuntu5.2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581884/+files/apparmor_2.13.3-7ubuntu5.2.debdiff
** Patch removed: "apparmor_3.0.3-0ubuntu1.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/17940
** Patch added: "apparmor_3.0.3-0ubuntu1.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581883/+files/apparmor_3.0.3-0ubuntu1.1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in U
** Patch added: "evince_40.4-2ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581878/+files/evince_40.4-2ubuntu0.1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubuntu.
** Patch added: "apparmor_3.0.4-2ubuntu3.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581881/+files/apparmor_3.0.4-2ubuntu3.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubunt
** Patch added: "evince_3.28.4-0ubuntu1.3.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581880/+files/evince_3.28.4-0ubuntu1.3.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubu
** Patch added: "evince_3.36.10-0ubuntu1.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581879/+files/evince_3.36.10-0ubuntu1.1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in U
** Patch added: "evince_42.1-3ubuntu1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1794064/+attachment/5581877/+files/evince_42.1-3ubuntu1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubuntu.
htt
** Description changed:
- This is related to bug #1792648. After fixing that one (see discussion
- at https://salsa.debian.org/gnome-team/evince/merge_requests/1),
- clicking a hyperlink in a PDF opens it correctly if the default browser
- is a well-known application (such as /usr/bin/firefox), bu
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1794064
Title:
Clicking a hyperlink in a
I'm working on a SRU for apparmor and evince to introduce the snap_browsers
abstraction on apparmor as a workaround for this issue.
It is based on these two merge requests from upstream:
https://gitlab.com/apparmor/apparmor/-/merge_requests/806
https://gitlab.com/apparmor/apparmor/-/merge_requests
I was able to reproduce this issue on focal and bionic but not on
impish. I'm still investigating why, since I don't see any changes in
policies that might affect this issue, but I could have missed
something.
--
You received this bug notification because you are a member of Desktop
Packages, whi
** Changed in: evince (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1794064
Title:
Clicking a hyperlink in a
33 matches
Mail list logo
