Public bug reported: In enforce mode, Chromium won't start on my computer due to the fact that my computer has one level of subfolders more in /sys/devices/pci.../... than covered by the standard profile. As the folder structure in /sys/devices is something I didn't change, I'd suggest to add rules for that case to the profile.
The attached profile is working, my changes are on the top for your review (including some Ux rights for Flash). ProblemType: Bug DistroRelease: Ubuntu 11.10 Package: apparmor-profiles 2.7.0~beta1+bzr1774-1ubuntu2 ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4 Uname: Linux 3.0.0-12-generic x86_64 ApportVersion: 1.23-0ubuntu4 Architecture: amd64 Date: Thu Nov 3 19:49:59 2011 Dependencies: InstallationMedia: Lubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012) PackageArchitecture: all ProcEnviron: LANG=de_DE.UTF-8 SHELL=/bin/bash ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-3.0.0-12-generic root=UUID=48c22694-7660-428f-96f1-09999f29b260 ro quiet splash vt.handoff=7 SourcePackage: apparmor UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.apparmor.d.bin.ping: [modified] modified.conffile..etc.apparmor.d.sbin.klogd: [modified] modified.conffile..etc.apparmor.d.sbin.syslog.ng: [modified] modified.conffile..etc.apparmor.d.sbin.syslogd: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.deliver: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.dovecot.auth: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.imap: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.imap.login: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.managesieve.login: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.pop3: [modified] modified.conffile..etc.apparmor.d.usr.lib.dovecot.pop3.login: [modified] modified.conffile..etc.apparmor.d.usr.sbin.avahi.daemon: [modified] modified.conffile..etc.apparmor.d.usr.sbin.dnsmasq: [modified] modified.conffile..etc.apparmor.d.usr.sbin.dovecot: [modified] modified.conffile..etc.apparmor.d.usr.sbin.identd: [modified] modified.conffile..etc.apparmor.d.usr.sbin.mdnsd: [modified] modified.conffile..etc.apparmor.d.usr.sbin.nmbd: [modified] modified.conffile..etc.apparmor.d.usr.sbin.nscd: [modified] modified.conffile..etc.apparmor.d.usr.sbin.smbd: [modified] modified.conffile..etc.apparmor.d.usr.sbin.traceroute: [modified] mtime.conffile..etc.apparmor.d.bin.ping: 2011-10-21T15:41:23.034082 mtime.conffile..etc.apparmor.d.sbin.klogd: 2011-10-21T15:41:24.954066 mtime.conffile..etc.apparmor.d.sbin.syslog.ng: 2011-10-21T15:41:25.982058 mtime.conffile..etc.apparmor.d.sbin.syslogd: 2011-10-21T15:41:25.326063 mtime.conffile..etc.apparmor.d.usr.bin.chromium.browser: 2011-11-03T19:26:10.592408 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.deliver: 2011-10-21T15:42:11.877663 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.dovecot.auth: 2011-10-21T15:42:12.541657 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.imap: 2011-10-21T15:42:13.245651 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.imap.login: 2011-10-21T15:42:13.897645 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.managesieve.login: 2011-10-21T15:42:14.265642 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.pop3: 2011-10-21T15:42:14.637639 mtime.conffile..etc.apparmor.d.usr.lib.dovecot.pop3.login: 2011-10-21T15:42:15.285633 mtime.conffile..etc.apparmor.d.usr.sbin.avahi.daemon: 2011-10-21T15:42:15.925627 mtime.conffile..etc.apparmor.d.usr.sbin.dnsmasq: 2011-10-21T15:42:18.773602 mtime.conffile..etc.apparmor.d.usr.sbin.dovecot: 2011-10-21T15:42:19.441597 mtime.conffile..etc.apparmor.d.usr.sbin.identd: 2011-10-21T15:42:20.253589 mtime.conffile..etc.apparmor.d.usr.sbin.mdnsd: 2011-10-21T15:42:20.861584 mtime.conffile..etc.apparmor.d.usr.sbin.nmbd: 2011-10-21T15:42:21.473578 mtime.conffile..etc.apparmor.d.usr.sbin.nscd: 2011-10-21T15:42:22.165572 mtime.conffile..etc.apparmor.d.usr.sbin.smbd: 2011-10-21T15:42:23.665559 mtime.conffile..etc.apparmor.d.usr.sbin.traceroute: 2011-10-21T15:42:25.389544 ** Affects: apparmor (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apparmor apport-bug chromium-browser oneiric -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/885833 Title: Not all possible paths covered by Chromium Browser AppArmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/885833/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs