Ubuntu
thunderbird package

[snap] thunderbird seccomp profile missing a few syscalls

Bug #1905344 reported by Simon Déziel
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
thunderbird (Ubuntu)
Confirmed
Low
Unassigned

Bug Description

Launching thunderbird's snap result in the following logs:

Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.636:655): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x50000
Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:656): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x50000
Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:657): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x50000
Nov 23 20:07:37 simon-lemur kernel: audit: type=1326 audit(1606180057.640:658): auid=1000 uid=1000 gid=1000 ses=2 pid=8588 comm="thunderbird-bin" exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f198a2d5b9f code=0x50000
Nov 23 20:07:38 simon-lemur kernel: audit: type=1326 audit(1606180058.356:659): auid=1000 uid=1000 gid=1000 ses=2 pid=8512 comm=64636F6E6620776F726B6572 exe="/snap/thunderbird/95/thunderbird-bin" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f19894aa959 code=0x50000

$ aa-decode 64636F6E6620776F726B6572
Decoded: dconf worker

So syscall 203 (sys_sched_setaffinity?) and 314 (sys_sched_setattr?) are not permitted.

Additional information:

$ lsb_release -rd
Description: Ubuntu 18.04.5 LTS
Release: 18.04

$ uname -a
Linux simon-lemur 5.4.0-53-generic #59~18.04.1-Ubuntu SMP Wed Oct 21 12:14:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

$ snap info thunderbird
name: thunderbird
summary: Mozilla Thunderbird email application
publisher: Canonical✓
store-url: https://snapcraft.io/thunderbird
contact: https://launchpad.net/distros/ubuntu/+source/thunderbird
license: unset
description: |
  Thunderbird is a free and open source email, newsfeed, chat, and calendaring client, that’s easy
  to set up and customize. One of the core principles of Thunderbird is the use and promotion of
  open standards - this focus is a rejection of our world of closed platforms and services that
  can’t communicate with each other. We want our users to have freedom and choice in how they
  communicate.
commands:
  - thunderbird
snap-id: k1Ml1O9GzSO2QftV0ZlWSbUfQ78nN460
tracking: latest/stable
refresh-date: today at 20:00 EST
channels:
  latest/stable: 78.5.0 2020-11-18 (95) 69MB -
  latest/candidate: ↑
  latest/beta: ↑
  latest/edge: 78.5.0 2020-11-18 (95) 69MB -
installed: 78.5.0 (95) 69MB -

Revision history for this message
Sebastien Bacher (seb128) wrote :

Thank you for your bug report. Is it creating any user visible problem or just log noise?

Changed in thunderbird (Ubuntu):
importance: Undecided → Low
Revision history for this message
Simon Déziel (sdeziel) wrote :

No visible user impact other than the noise, sorry for not mentioning this outright.

Revision history for this message
Sebastien Bacher (seb128) wrote :

No problem, thanks for the reply!

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in thunderbird (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.