mimeinfo.cache

Launchpad Bug Tracker Thu, 19 Apr 2018 16:33:12 -0700

This bug was fixed in the package apparmor - 2.12-4ubuntu5

---------------
apparmor (2.12-4ubuntu5) bionic; urgency=medium


  [ Didier Roche ]
  * debian/patches/ubuntu/communitheme-snap-support.patch:
    - support communitheme snap (LP: #1762983)

  [ Jamie Strandboge ]
  * debian/patches/ubuntu/add-chromium-browser.patch: adjust for newer
    chromium (LP: #1101298, LP: #1594589, LP: #1647142)
    - add attach_disconnected
    - allow reading /proc/vmstat
    - don't require owner match for /proc/pid/{stat,status} and task
      counterparts
    - adjust pci[0-9] to be pci[0-9a-f]
    - allow reading all uevents and /sys/devices/virtual/tty/tty0/active
    - allow ptracing xdgsettings and lsb-release
    - xdgsettings uses head and tr and looks at /usr/share/ubuntu/applications/
    - lsb-release uses python 3.6 and looks at apport, apt.conf, dpkg and
      distro-info
    - use 'm' on on sandbox
  * debian/patches/ubuntu/mimeinfo-snap-support.patch: allow reading
    /var/lib/snapd/desktop/applications *.desktop and mimeinfo.cache
    (LP: #1712039)

 -- Jamie Strandboge <ja...@ubuntu.com>  Tue, 17 Apr 2018 20:15:16 +0000

** Changed in: apparmor (Ubuntu)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1712039

Title:
  AppArmor profile misses entry for
  /var/lib/snapd/desktop/applications/mimeinfo.cache

Status in apparmor package in Ubuntu:
  Fix Released

Bug description:
  The evince AppArmor profile seems to miss an entry for 
/var/lib/snapd/desktop/applications/mimeinfo.cache.
  If evince is launched, the following gets logged to syslog:

  kernel: [81577.596186] audit: type=1400 audit(1503306090.062:2011):
  apparmor="DENIED" operation="open" profile="/usr/bin/evince"
  name="/var/lib/snapd/desktop/applications/mimeinfo.cache" pid=32268
  comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

  I don't know if this should be allowed or denied. If you could add the
  correct behaviour to the profile, that would be nice; otherwise, every
  time evince is launched, a notification pops up (apparmor-notify
  installed).

  
  (Workaround:

  Add to original profile (/etc/apparmor.d/usr.bin.evince):
    #include <local/usr.bin.evince>

  Insert into local profile (/etc/apparmor.d/local/usr.bin.evince):
    /var/lib/snapd/desktop/applications/mimeinfo.cache r,
  )

  Release: Ubuntu 16.04.3 LTS
  Package Version: evince-common 3.18.2-1ubuntu4.1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1712039/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1712039] Re: AppArmor profile misses entry for /var/lib/snapd/desktop/applications/mimeinfo.cache

Reply via email to