Public bug reported:
When a firefox user has downloaded a file, the download dropdown
includes an 'Open Containing Folder' option which does what the name
implies.
When AppArmor is enabled, this button stops working. Instead, the
following denials are logged:-
dbus-daemon[6348]: apparmor="DENIED" operation="dbus_method_call"
bus="session" path="/org/freedesktop/FileManager1"
interface="org.freedesktop.FileManager1" member="ShowItems" mask="send"
name="org.freedesktop.FileManager1" pid=6874 label="firefox"
peer_pid=8779 peer_label="unconfined"
dbus-daemon[6348]: apparmor="DENIED" operation="dbus_method_call"
bus="session" path="/org/gnome/Nautilus"
interface="org.freedesktop.Application" member="Open" mask="send"
name="org.gnome.Nautilus" pid=6874 label="firefox" peer_pid=8779
peer_label="unconfined"
Adding the following permissions to /etc/apparmor.d/usr.bin.firefox
fixes the issue:-
# 'Open Containing Folder' function for downloads
dbus (send)
bus=session
path=/org/freedesktop/FileManager1
interface=org.freedesktop.FileManager1
member="ShowItems"
peer=(label=unconfined),
dbus (send)
bus=session
path=/org/gnome/Nautilus
interface=org.freedesktop.Application
member="Open"
peer=(label=unconfined),
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: firefox 90.0+build1-0ubuntu0.20.04.1
ProcVersionSignature: Ubuntu 5.8.0-63.71~20.04.1-generic 5.8.18
Uname: Linux 5.8.0-63-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
AddonCompatCheckDisabled: False
ApportVersion: 2.20.11-0ubuntu27.18
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: mtandy 6342 F.... pulseaudio
/dev/snd/pcmC0D0p: mtandy 6342 F...m pulseaudio
/dev/snd/controlC1: mtandy 6342 F.... pulseaudio
BuildID: 20210705185941
CasperMD5CheckResult: skip
Channel: Unavailable
CurrentDesktop: ubuntu:GNOME
Date: Thu Jul 29 00:04:41 2021
ForcedLayersAccel: False
IncompatibleExtensions: Default - {972ce4c6-7e08-4474-a285-3208198ce6fd}
InstallationDate: Installed on 2021-05-31 (58 days ago)
InstallationMedia: Ubuntu 20.04.2.0 LTS "Focal Fossa" - Release amd64
(20210209.1)
IpRoute:
default via 192.168.0.1 dev enp3s0 proto dhcp metric 100
169.254.0.0/16 dev enp3s0 scope link metric 1000
192.168.0.0/24 dev enp3s0 proto kernel scope link src 192.168.0.2 metric 100
MostRecentCrashID: bp-4122b123-9c74-4baf-b817-c8a771171216
PrefErrors: Unexpected character ',' before close parenthesis @
/usr/lib/firefox/omni.ja:greprefs.js:352
PrefSources: prefs.js
Profiles: Profile0 (Default) - LastVersion=90.0/20210705185941 (In use)
RunningIncompatibleAddons: True
SourcePackage: firefox
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/11/2014
dmi.bios.release: 4.6
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 2202
dmi.board.asset.tag: To be filled by O.E.M.
dmi.board.name: Z97-K
dmi.board.vendor: ASUSTeK COMPUTER INC.
dmi.board.version: Rev X.0x
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: To Be Filled By O.E.M.
dmi.chassis.version: To Be Filled By O.E.M.
dmi.modalias:
dmi:bvnAmericanMegatrendsInc.:bvr2202:bd07/11/2014:br4.6:svnASUS:pnAllSeries:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnZ97-K:rvrRevX.0x:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:
dmi.product.family: ASUS MB
dmi.product.name: All Series
dmi.product.sku: All
dmi.product.version: System Version
dmi.sys.vendor: ASUS
mtime.conffile..etc.apparmor.d.usr.bin.firefox: 2021-07-28T23:39:29.648857
** Affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1938355
Title:
When enabled, Firefox AppArmor profile blocks 'Open Containing Folder'
function for downloads
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1938355/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
