Public bug reported:

In Focal, abstractions/X has the following section in it:

  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* rw,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),


However, in Impish, this seems to have changed:

  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* r,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),

This in turn breaks torbrowser-launcher's Firefox from launching, even
if we include the X abstractions, because the display sockets in
/tmp/.X11-unix/* (X0 for Display :0 for example) are not read/write.

This looks like a MAJOR regression by removing the permissions. Or has
Impish apparmor not been updated for any Ubuntu-specific changes?

ProblemType: Bug
DistroRelease: Ubuntu 21.10
Package: apparmor 3.0.0-0ubuntu8
ProcVersionSignature: Ubuntu 5.11.0-20.21+21.10.1-generic 5.11.21
Uname: Linux 5.11.0-20-generic x86_64
ApportVersion: 2.20.11-0ubuntu67
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: LXQt
Date: Tue Jun 29 14:39:00 2021
InstallationDate: Installed on 2021-06-29 (0 days ago)
InstallationMedia: Lubuntu 21.10 "Impish Indri" - Alpha amd64 (20210628)
ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-5.11.0-20-generic root=UUID=d042602b-0900-4b2e-acb1-f67436e9805f ro quiet splash vt.handoff=7
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: apparmor (Ubuntu)
     Importance: High
         Status: New


** Tags: amd64 apport-bug impish

** Summary changed:

- abstractions/X: Possible regression by removing 'w' from /tmp/.X11-unix/* line
+ abstractions/X: Possible regression of X session functionality by removing 
'w' from /tmp/.X11-unix/* line?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1934005

Title:
  abstractions/X: Possible regression of X session functionality by
  removing 'w' from /tmp/.X11-unix/* line?

Status in apparmor package in Ubuntu:
  New
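
An added example (not part of the bug report and not AppArmor's own tooling): a small Python check that compares the file-rule permissions in the two abstractions/X excerpts quoted in the report and lists what was dropped between them. The function names are hypothetical, and the parser only handles simple file rules like the ones shown, not the full AppArmor policy grammar.

```python
import re

# Constructed inputs: the two abstractions/X excerpts quoted in the report.
FOCAL = """\
  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* rw,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),
"""
IMPISH = FOCAL.replace("/tmp/.X11-unix/* rw,", "/tmp/.X11-unix/* r,")

FILE_RULE = re.compile(r"^(?:(?:audit|allow|owner)\s+)*(/\S+)\s+([A-Za-z]+)$")
PERM_TOKEN = re.compile(r"[pPcCuUi]{0,2}x|[rwalkm]")  # exec modes kept whole

def statements(policy):
    """Split policy text into rules; a rule ends with a comma at end of line."""
    text = re.sub(r"(?m)^\s*#.*$", "", policy)  # drops comments (and #include)
    parts = re.split(r",[ \t]*(?:\n|$)", text)
    return [" ".join(p.split()) for p in parts if p.strip()]

def file_perms(policy):
    """Map each file-rule path to the set of permissions granted on it."""
    grants = {}
    for stmt in statements(policy):
        m = FILE_RULE.match(stmt)
        if m:
            grants.setdefault(m.group(1), set()).update(PERM_TOKEN.findall(m.group(2)))
    return grants

def dropped(old, new):
    """Permissions granted by `old` but no longer granted by `new`, per path."""
    old_p, new_p = file_perms(old), file_perms(new)
    lost = {}
    for path, perms in old_p.items():
        missing = perms - new_p.get(path, set())
        if missing:
            lost[path] = missing
    return lost

def other_rules_changed(old, new):
    """True if any non-file rule (here, the unix socket rules) differs."""
    non_file = lambda p: {s for s in statements(p) if not FILE_RULE.match(s)}
    return non_file(old) != non_file(new)

if __name__ == "__main__":
    print(dropped(FOCAL, IMPISH), other_rules_changed(FOCAL, IMPISH))
```

On the two excerpts, the only difference it reports is the `w` permission on `/tmp/.X11-unix/*`; the abstract-socket `unix` rules are identical in both.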
