Ubuntu
apparmor-easyprof-ubuntu package

[HTML5] AppaArmor denials to used the system installed UI SDK files, when webapp container used as a launcher

Bug #1477580 reported by Alexandre Abreu
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Canonical System Image
Fix Released
Critical
David Barth
Canonical System Image ww50-2015 "ota8.5"
apparmor-easyprof-ubuntu (Ubuntu)
Fix Released
High
Jamie Strandboge
apparmor-easyprof-ubuntu (Ubuntu RTM)
Fix Released
Critical
Jamie Strandboge
ubuntu-personal-security (Ubuntu)
Fix Released
Undecided
Jamie Strandboge

Bug Description

When launching an app create with the default HTML5 template in qtc on the device (it now uses the 'ubunu-webapp' apparmor template), the css styles are not applied at all.

Here are the apparmor denials:

Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.079466] type=1400 audit(1437658592.368:199): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/fast-buttons.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0
Sdk-Launcher> There has been a AppArmor denial for your application.
Sdk-Launcher> Most likely it is missing a policy in the AppArmor file.
Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.082182] type=1400 audit(1437658592.368:200): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/core.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0
Sdk-Launcher> There has been a AppArmor denial for your application.
Sdk-Launcher> Most likely it is missing a policy in the AppArmor file.
Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.083800] type=1400 audit(1437658592.368:201): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/buttons.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0
Sdk-Launcher> There has been a AppArmor denial for your application.
Sdk-Launcher> Most likely it is missing a policy in the AppArmor file.
Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.086150] type=1400 audit(1437658592.378:202): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/dialogs.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0
Sdk-Launcher> There has been a AppArmor denial for your application.
Sdk-Launcher> Most likely it is missing a policy in the AppArmor file.
Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.088011] type=1400 audit(1437658592.378:203): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/page.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0
Sdk-Launcher> There has been a AppArmor denial for your application.
Sdk-Launcher> Most likely it is missing a policy in the AppArmor file.
Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.092620] type=1400 audit(1437658592.378:204): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/pagestacks.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0
Sdk-Launcher> There has been a AppArmor denial for your application.
Sdk-Launcher> Most likely it is missing a policy in the AppArmor file.
Syslog> Jul 23 13:36:32 ubuntu-phablet kernel: [74934.094909] type=1400 audit(1437658592.388:205): apparmor="DENIED" operation="open" profile="tutu.abreu-alexandre_tutu_0.1" name="/usr/share/ubuntu-html5-ui-toolkit/0.1/ambiance/js/tab.js" pid=13230 comm="Chrome_FileThre" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0

Tags: hotfix
Alexandre Abreu (abreu-alexandre)
Changed in apparmor-easyprof-ubuntu (Ubuntu):
importance: Undecided → High
Jamie Strandboge (jdstrand)
Changed in apparmor-easyprof-ubuntu (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in ubuntu-personal-security (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in apparmor-easyprof-ubuntu (Ubuntu):
status: New → In Progress
Changed in ubuntu-personal-security (Ubuntu):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor-easyprof-ubuntu - 15.10.7

---------------
apparmor-easyprof-ubuntu (15.10.7) wily; urgency=medium

  * ubuntu/ubuntu-webapp: allow read access to /usr/share/ubuntu-html5-theme
    and /usr/share/ubuntu-html5-ui-toolkit (LP: #1477580)

 -- Jamie Strandboge <email address hidden> Thu, 23 Jul 2015 16:16:49 -0500

Changed in apparmor-easyprof-ubuntu (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-personal-security - 15.10.2

---------------
ubuntu-personal-security (15.10.2) wily; urgency=medium

  * ubuntu/ubuntu-webapp: allow read access to /usr/share/ubuntu-html5-theme
    and /usr/share/ubuntu-html5-ui-toolkit (LP: #1477580)

 -- Jamie Strandboge <email address hidden> Thu, 23 Jul 2015 16:25:08 -0500

Changed in ubuntu-personal-security (Ubuntu):
status: In Progress → Fix Released
Pat McGowan (pat-mcgowan)
Changed in canonical-devices-system-image:
importance: Undecided → Critical
milestone: none → ww02-2016
status: New → Confirmed
tags: added: hotfix
Changed in canonical-devices-system-image:
assignee: nobody → David Barth (dbarth)
Jamie Strandboge (jdstrand)
Changed in apparmor-easyprof-ubuntu (Ubuntu RTM):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Critical
status: New → In Progress
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Fix is in https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/landing-048/

Jean-Baptiste Lallement (jibel)
Changed in canonical-devices-system-image:
status: Confirmed → Fix Committed
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

This bug was fixed in the package apparmor-easyprof-ubuntu 1.3.15 in https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/stable-phone-overlay

---------------

apparmor-easyprof-ubuntu (1.3.15) vivid; urgency=medium

  [ Alberto Mardegan ]
  * ubuntu/1.[23]/accounts: add the new Online Accounts v2 API (LP: #1512667)

  [ Jamie Strandboge ]
  * ubuntu/ubuntu-webapp: allow read access to /usr/share/ubuntu-html5-theme
    and /usr/share/ubuntu-html5-ui-toolkit (LP: #1477580)

 -- Jamie Strandboge <email address hidden> Fri, 20 Nov 2015 08:41:17 -0600

Changed in apparmor-easyprof-ubuntu (Ubuntu RTM):
status: In Progress → Fix Released
Pat McGowan (pat-mcgowan)
Changed in canonical-devices-system-image:
milestone: ww02-2016 → ww50-2015
Pat McGowan (pat-mcgowan)
Changed in canonical-devices-system-image:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.