mmap of ...mir/client-platform/mesa.so DENIED
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Undecided
|
Steve Beattie | ||
apparmor (Ubuntu) |
Fix Released
|
High
|
Steve Beattie | ||
apparmor-easyprof-ubuntu (Ubuntu) |
Fix Released
|
High
|
Steve Beattie |
Bug Description
I'm running ubuntu touch vivid-vervet:
root@ubuntu-
Description: Ubuntu Vivid Vervet (development branch)
Release: 15.04
root@ubuntu-
current build number: 101
device name: hammerhead
channel: ubuntu-
alias: ubuntu-
last update: 1970-01-22 15:43:01
version version: 101
version keyring: archive-master
version device: 20150210
version custom: 3
This bug is similar to #658135 but in this case it is the files in /usr/lib/
root@ubuntu-
apparmor:
Installed: 2.8.98-0ubuntu4
Candidate: 2.8.98-0ubuntu4
Version table:
*** 2.8.98-0ubuntu4 0
500 http://
100 /var/lib/
Most of my installed apps do not start, giving errors similar to this in syslog:
root@ubuntu-
Feb 16 23:11:56 ubuntu-phablet kernel: [28314.176317] type=1400 audit(142412471
Setting apparmor to complain mode makes the app run, and so does adding the following line to /etc/apparmor.
/usr/
(just before the line saying "/usr/lib/
So, mesa.so (and dummy.so and android.so) are not matched because they do not contain the file name prefix "lib". (Since the file system is read only I copied the files elsewhere and ran apparmor_parser on the modified files.)
I do not know if this is the correct fix, but at least it points to a problem. (Maybe the library name should be different, the change made to another file, like abstractions/X, or maybe the profile for calculator is incorrect -- but if it is then lots of profiles are incorrect.)
Changed in apparmor (Ubuntu): | |
status: | Confirmed → Triaged |
tags: | added: aa-policy application-confinement |
Changed in apparmor: | |
status: | New → Triaged |
assignee: | nobody → Steve Beattie (sbeattie) |
Changed in apparmor (Ubuntu): | |
assignee: | nobody → Steve Beattie (sbeattie) |
Changed in apparmor (Ubuntu): | |
status: | Triaged → In Progress |
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
status: | New → In Progress |
Changed in apparmor (Ubuntu): | |
importance: | Undecided → High |
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
importance: | Undecided → High |
assignee: | nobody → Steve Beattie (sbeattie) |
Changed in apparmor: | |
status: | Triaged → In Progress |
Changed in apparmor (Ubuntu): | |
status: | In Progress → Fix Committed |
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
status: | In Progress → Fix Committed |
Changed in apparmor (Ubuntu): | |
status: | Fix Released → Triaged |
Changed in apparmor: | |
status: | In Progress → Fix Committed |
milestone: | none → 2.9.2 |
Changed in apparmor: | |
status: | Fix Committed → Fix Released |
Status changed to 'Confirmed' because the bug affects multiple users.