Ubuntu
evince package

Apparmor configuration renders evince (and others tools) unusable under Karmic

Bug #469089 reported by Bruno Beaufils on 2009-11-01

This bug report is a duplicate of: Bug #447292: AppArmor does not allow access when @{HOME} is not /home. Edit Remove

26

This bug affects 5 people

Affects		Status	Importance	Assigned to	Milestone
	evince (Ubuntu)	Won't Fix	Undecided	Unassigned
Nominated for Karmic by Bruno Beaufils

Bug Description

Binary package hint: evince

After doing basic Karmic upgrade from jaunty on amd64 (MacBookPro 3,1) I am unable to use evince correctly. Fonts can not be rendered correctly, and thus menus are completely unreadable (fonts are rendered as small empty square, see attachment) and PDF file content are not rendered at all.

It seems that some others tools (Firefox for instance) get also troubles with font rendering (I am however not able to give a simple example yet).

I am able to fix the problem when stopping completely apparmor (/etc/init.d/apparmor stop). The problem should thus come from apparmor profile. Since I am not aware of how it works I file this bug so that others people may fix it.

It seems I am not the only one to get the trouble : http://ubuntuforums.org/showthread.php?p=8215308.

Bugs 452057 and 423687 seem very near to this one but are not the same, since they have been fixed before karmic release, and the one I described is not.

This bug seems to be a generalization of bug 439663.

Some informations about my config :

$ lsb_release -rd
Description: Ubuntu 9.10
Release: 9.10

$ uname -a
Linux watney 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:05:01 UTC 2009 x86_64 GNU/Linux

$ apt-cache policy evince
evince:
  Installed: 2.28.1-0ubuntu1
  Candidate: 2.28.1-0ubuntu1
  Version table:
*** 2.28.1-0ubuntu1 0
        500 http://archive.ubuntu.com karmic/main Packages
        100 /var/lib/dpkg/status

$ apt-cache policy apparmor
apparmor:
  Installed: 2.3.1+1403-0ubuntu27
  Candidate: 2.3.1+1403-0ubuntu27
  Version table:
*** 2.3.1+1403-0ubuntu27 0
        500 http://archive.ubuntu.com karmic/main Packages
        100 /var/lib/dpkg/status

Here are the errors I get when starting evince on a command line:

(evince:30799): EggSMClient-WARNING **: Failed to connect to the session manager: None of the authentication protocols specified are supported

** (evince:30799): WARNING **: Failed to create dbus proxy for org.gnome.SettingsDaemon: Could not get owner of name 'org.gnome.SettingsDaemon': no such name

(evince:30799): Gtk-WARNING **: Attempting to read the recently used resources file at `/home/bruno/.recently-used.xbel', but the parser failed: Failed to open file '/home/bruno/.recently-used.xbel': Permission denied.

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans 9.9990234375'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: shaping failure, expect ugly output. shape-engine='BasicEngineFc', font='Bitstream Vera Sans 9.9990234375', text='?'
I/O error : Permission denied
I/O error : Permission denied
I/O warning : failed to load external entity "/home/bruno/.gnome2/evince/ev-metadata.xml"

** (evince:30799): WARNING **: Failed to create file '/home/bruno/.gnome2/evince/evince-crashed.5YCJ2U': Permission denied

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans 9.9990234375'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans Oblique 12'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: shaping failure, expect ugly output. shape-engine='BasicEngineFc', font='Bitstream Vera Sans Oblique 12', text='Loading...'

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans Oblique 9.9990234375'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans Oblique 9.9990234375'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: shaping failure, expect ugly output. shape-engine='BasicEngineFc', font='Bitstream Vera Sans Oblique 9.9990234375', text='The quick brown fox jumps over the lazy dog.'

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans 21.9990234375'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: shaping failure, expect ugly output. shape-engine='BasicEngineFc', font='Bitstream Vera Sans 21.9990234375', text='Loading...'

(evince:30799): Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'Bitstream Vera Sans 20.2998046875'

(evince:30799): Pango-WARNING **: font_font status is: <unknown error status>

(evince:30799): Pango-WARNING **: scaled_font status is: out of memory

(evince:30799): Pango-WARNING **: shaping failure, expect ugly output. shape-engine='BasicEngineFc', font='Bitstream Vera Sans 20.2998046875', text='Loading...'

(evince:30799): Gtk-WARNING **: Attempting to store changes into `/home/bruno/.recently-used.xbel', but failed: Failed to create file '/home/bruno/.recently-used.xbel.IUQM2U': Permission denied

(evince:30799): Gtk-WARNING **: Attempting to store changes into `/home/bruno/.recently-used.xbel', but failed: Failed to create file '/home/bruno/.recently-used.xbel.HDRM2U': Permission denied
I/O error : Permission denied
I/O error : Permission denied

(evince:30799): Gtk-WARNING **: Attempting to store changes into `/home/bruno/.recently-used.xbel', but failed: Failed to create file '/home/bruno/.recently-used.xbel.LIA71U': Permission denied

ProblemType: Bug
Architecture: amd64
Date: Sun Nov 1 18:29:52 2009
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/evince
NonfreeKernelModules: nvidia
Package: evince 2.28.1-0ubuntu1
ProcEnviron:
SHELL=/bin/bash
PATH=(custom, user)
LC_COLLATE=C
LANG=C
ProcVersionSignature: Ubuntu 2.6.31-14.48-generic
SourcePackage: evince
Uname: Linux 2.6.31-14-generic x86_64

Tags:

Revision history for this message

Bruno Beaufils (beaufils) wrote on 2009-11-01:

#1

how evince is rendered when apparmor is started under karmic Edit (10.4 KiB, image/png)
Dependencies.txt Edit (4.2 KiB, text/plain; charset="utf-8")
KernLog.txt Edit (19.7 KiB, text/plain; charset="utf-8")
ProcMaps.txt Edit (43.1 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (777 bytes, text/plain; charset="utf-8")
RelatedPackageVersions.txt Edit (163 bytes, text/plain; charset="utf-8")
XsessionErrors.txt Edit (3.0 KiB, text/plain; charset="utf-8")

security vulnerability:	yes → no
visibility:	private → public

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2009-11-01:

#2

Thank you for the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this bug has already been reported. Please review https://wiki.ubuntu.com/DebuggingApparmor#Adjusting%20Tunables as well as the information and solution in bug #447292.

affects:	evince (Ubuntu) → apparmor (Ubuntu)
Changed in apparmor (Ubuntu):
status:	New → Won't Fix
affects:	apparmor (Ubuntu) → evince (Ubuntu)

Revision history for this message

Neil FAN (neilfan) wrote on 2009-11-15:

#3

The story of this bug is a little bit different from bug #447292 as I have normal (or lazy) setting of Ubuntu 9.10 with my home directory in /home folder.

I have some extra fonts installed which changed file /etc/fonts/font.conf and /etc/fonts/conf.d/. This pushed me to the same issue of this bug.

I checked the apparmor profile for evince, noticed that no permission granted to access the font configuration. I did this to fix this issue in a simple way (although I'm not sure if this will involve any security issues as mentioned in bug #447292)

1. Stop apparmor
sudo /etc/init.d/apparmor stop
2. Modify file /etc/apparmor.d/usr.bin.evince
put this new line underneath line 9 #include <abstractions/evince>
#include <abstractions/fonts>
3. Restart apparmor
sudo /etc/init.d/apparmor start

and the evince boy is back

So the discussion is: shall we prevent evince from font configuration due to security reasons?

Thanks.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #447292 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.