This bug was fixed in the package snapd - 2.0.8
---
snapd (2.0.8) xenial; urgency=medium
* New upstream release: LP: #1589534
- debian: make `snap refresh` times more random (LP: #1537793)
- cmd: ExecInCoreSnap looks in "core" snap first, and only in
"ubuntu-core" snap
2.0.8 generates the new input methods policy and it correctly compiles.
Marking verification-done.
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.laun
** Changed in: snapd (Ubuntu Yakkety)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580463
Title:
Snap blocks access to system input methods (ibus, fctix,
Based on comment #15 I removed im-config 0.29-1ubuntu12.1 from xenial-
proposed so it doesn't accidentally get promoted.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580463
Title:
Snap blocks acce
FYI, fcitx uses dbus-daemon (as opposed to ibus-daemon, which does not)
and so apparmor dbus mediation can be used with 'dbus bus=fcitx,'. As
such, im-config does not need an update for fcitx.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ub
Hello Sebastien, or anyone else affected,
Accepted snapd into xenial-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/snapd/2.0.6 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu
Tyler said that he would update the apparmor ibus abstraction for this
change, which will be required to not break ibus in evince and
webbrowser-app. As such, I'm going to mark this as 'verification-failed'
then adjust im-config to Breaks with apparmor less than the version
Tyler is uploading.
**
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu Xenial)
Status: New => Triaged
** Changed in: apparmor (Ubuntu Yakkety)
Status: New => In Progress
** Changed in: apparmor (Ubuntu Xenial)
Importance: Undecided => Medi
** Changed in: snapd (Ubuntu Yakkety)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580463
Title:
Snap blocks access to system input methods (ibus, fctix, ...
works confined after adding "#include " to the
apparmor profile
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580463
Title:
Snap blocks access to system input methods (ibus, fctix, ...)
To manage
> what about fcitx?
so I had a look to that, a bit similar to ibus
* bundle "fcitx-frontend-gtk3" in your deb
* include those lines in the bundle (replace the static version)
export XDG_CACHE_HOME=$SNAP_USER_DATA/.cache-$SNAP_VERSION
mkdir -p $XDG_CACHE_HOME
export GTK_IM_MODULE_DIR=$XDG_CACHE_
Hello Sebastien, or anyone else affected,
Accepted im-config into xenial-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/im-
config/0.29-1ubuntu12.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package. See
** Description changed:
= SRU im-config =
[Impact]
ibus-daemon by default uses a unix socket name of /tmp/dbus-... that is
indistinguishable from dbus-daemon abstract sockets. While dbus-daemon has
AppArmor mediation, ibus-daemon does not so it is important that its abstract
socket not be
This bug was fixed in the package im-config - 0.29-1ubuntu13
---
im-config (0.29-1ubuntu13) yakkety; urgency=medium
* debian/patches/use-distinguishable-abstract-address.patch: adjust
ibus-daemon args to include "--address 'unix:tmpdir=/tmp/ibus'" so it has
a mediatable abst
** Description changed:
- Currently snaps can't access ibus/fcitx from the system, do we need a
- interface for input methods there?
+ = SRU im-config =
+ [Impact]
+ ibus-daemon by default uses a unix socket name of /tmp/dbus-... that is
indistinguishable from dbus-daemon abstract sockets. While
** Changed in: im-config (Ubuntu Xenial)
Status: In Progress => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580463
Title:
Snap blocks access to system input methods (ibus, fctix, .
** Changed in: im-config (Ubuntu Yakkety)
Status: In Progress => Fix Committed
** Changed in: im-config (Ubuntu Xenial)
Status: New => In Progress
** Changed in: im-config (Ubuntu Xenial)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: im-config (Ubuntu Ya
** Also affects: snapd (Ubuntu Yakkety)
Importance: Medium
Status: Incomplete
** Also affects: snapd (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: im-config (Ubuntu)
Importance: Undecided
Status: New
** Changed in: im-config (Ubuntu Yakkety)
FYI, I think we have a handle on how to fix the ibus access wrt security
policy to properly mediate the ibus abstract socket that doesn't involve
code changes.
@seb128: you gave details on how to get ibus working in comment #3
(thanks!), what about fcitx?
** Changed in: snapd (Ubuntu)
Stat
** Changed in: snapd (Ubuntu)
Status: New => In Progress
** Changed in: snapd (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1
On 05/11/2016 11:46 AM, Tyler Hicks wrote:
> On 05/11/2016 10:22 AM, Jamie Strandboge wrote:
> ...
>>
>> We then have dbus-session-strict:
>> unix (connect, receive, send)
>>type=stream
>>peer=(addr="@/tmp/dbus-*"),
>>
>> There is a problem with this policy though; that access is
@Tyler, if it is its own service and not dbus, it shouldn't use a name
like @/tmp/dbus-*. It should instead use @/tmp/ibus-daemon-* or similar.
This 'strict' rule is intended to allow connection to *dbus* services
since dbus has apparmor mediation. If a service isn't a dbus service, it
should use a
On 05/11/2016 10:22 AM, Jamie Strandboge wrote:
...
>
> We then have dbus-session-strict:
> unix (connect, receive, send)
>type=stream
>peer=(addr="@/tmp/dbus-*"),
>
> There is a problem with this policy though; that access is not very
> strict at all and we should adjust the un
k, well the issue is that the bus address is written in the real userdir
and ibus tries to look at the standard location which is diverted to the
private dir in the snap, which is empty... we would need something to
copy or bind mount the real dir over
--
You received this bug notification becaus
"things work even without devmode, that's probably because ibus is using
a private bus between the service and the client and that's not being
restricted"
Note that we have a few things in the unity7 interface already: accesses to
@{HOME}/.config/ibus/bus/* and some accesses to the accessibility
things work even without devmode, that's probably because ibus is using
a private bus between the service and the client and that's not being
restricted
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/15
Ok, I got it working, in addition of the previous steps you need:
- cp /usr/lib/x86_64-linux-gnu/gtk-3.0/3.0.0/immodules.cache to your snap dir
- edit it to keep only ibus/change the dirs to be
"/snap/gnome-calculator/current/..."
- have the yaml define "immodules.cache:
usr/lib/x86_64-linux-gnu/
Hum, there are some issues there
* ibus/fcitx integrate into the toolkits by using modules, for example
to have a gtk3 software working with ibus you need "ibus-gtk3"
installed, for fctix you need "fcitx-frontend-gtk3" ... do we expect
every snap to have to include those?
* those have an user ses
We either need an interface or to simply update the unity7 interface
accordingly. Can you please provide a snap and instructions on how to
reproduce (for both ibus and fcitx)?
** Changed in: snapd (Ubuntu)
Status: New => Incomplete
** Changed in: snapd (Ubuntu)
Importance: Undecided =>
** Summary changed:
- Needs for an input method interface?
+ Snap blocks access to system input methods (ibus, fctix, ...)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580463
Title:
Snap blocks a
30 matches
Mail list logo
