Apparmor profile prevents flashgot from finding download managers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firefox (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: firefox
FlashGot cannot find any download manager when the firefox apparmor profile is active. This happens with FlashGot being installed from addons.mozilla.org or with the package xul-ext-flashgot. Disabling or removing the profile makes FlashGot usable again.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: firefox 3.6.3+nobinonly
ProcVersionSign
Uname: Linux 2.6.32-20-generic i686
Architecture: i386
Date: Mon Apr 12 17:05:09 2010
FirefoxPackages:
firefox 3.6.3+nobinonly
firefox-
firefox-branding 3.6.3+nobinonly
abroswer N/A
abrowser-branding N/A
InstallationMedia: Kubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: firefox
It looks like this is the offending line: 5.984:37) : operation="exec" pid=4435 parent=4292 profile= "/usr/lib/ firefox- 3.6.3/firefox- *bin" requested_ mask="x: :" denied_mask="x::" fsuid=1000 ouid=1000 name="/ tmp/flashgot. c53oxpfx. default/ flashgot- 1.fgt"
Apr 12 16:36:05 Brinja kernel: [ 6582.958977] type=1503 audit(127108296
Flashgot seems to want to create a temporary file and execute. This is not something that will be added to the profile. If you must use flashgot, you can do: */*.fgt Ux,
owner /tmp/flashgot.
But this is giving the flashgot upstream complete trust. Better would be to develop an AppArmor profile for flashgot or using: */*.fgt ix,
owner /tmp/flashgot.