** Changed in: apparmor (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1712039
Title:
AppArmor profile misses entry for
/var/lib/snapd/desktop/applications/mimeinfo.cache
Status in apparmor package in Ubuntu:
Fix Committed
Bug description:
The evince AppArmor profile seems to miss an entry for
/var/lib/snapd/desktop/applications/mimeinfo.cache.
If evince is launched, the following gets logged to syslog:
kernel: [81577.596186] audit: type=1400 audit(1503306090.062:2011):
apparmor="DENIED" operation="open" profile="/usr/bin/evince"
name="/var/lib/snapd/desktop/applications/mimeinfo.cache" pid=32268
comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
I don't know if this should be allowed or denied. If you could add the
correct behaviour to the profile, that would be nice; otherwise, every
time evince is launched, a notification pops up (apparmor-notify
installed).
(Workaround:
Add to original profile (/etc/apparmor.d/usr.bin.evince):
#include <local/usr.bin.evince>
Insert into local profile (/etc/apparmor.d/local/usr.bin.evince):
/var/lib/snapd/desktop/applications/mimeinfo.cache r,
)
Release: Ubuntu 16.04.3 LTS
Package Version: evince-common 3.18.2-1ubuntu4.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1712039/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
