apparmor prevents evince from accessing /run/user/

Status changed to 'Confirmed' because the bug affects multiple users.

to reproduce, just start evince, no need to do anything else. It also happens when closing it.

to fix, edit /etc/apparmor.d/usr.bin.evince and add this line in the /usr/bin/evince section:

owner /{,var/}run/user/*/dconf/user rw,

then reload the profile with:

sudo apparmor_parser -r /etc/apparmor.d/usr.bin.evince

Hey ubuntu-security, could somebody in your team look at that? I guess it's a change similar to the one done to other sources recently

e.g adding
"
owner /{,var/}run/user/*/dconf/ w,
owner /{,var/}run/user/*/dconf/user rw,"

to the profile, but I would prefer to have somebody who knows apparmor better than me to confirm before doing that

Uploaded 3.6.0-0ubuntu2.

This bug was fixed in the package evince - 3.6.0-0ubuntu2

---------------
evince (3.6.0-0ubuntu2) quantal; urgency=low

  * debian/apparmor-profile: for evince and evince-previewer, allow owner 'rw'
    access to /{,var/}run/user/*/dconf/user (LP: #1062531)
 -- Jamie Strandboge <email address hidden> Tue, 09 Oct 2012 08:51:50 -0500

Thank you for the quick fix!

For anyone, like me, who is naive enough to think that it's possible to set XDG_CACHE_HOME or DCONF_PROFILE to values other than the default, note that this fix _only_ allows access to the "user" profile. If you rename your user profile, you cannot use any apparmor-enabled application that uses dconf. I know there's nothing to be done about this, but I'm leaving this comment here lest anyone else encounter this situation.