No security policy to allow reading the /usr/share/ubuntu/ringtones folder

Bug #1340326 reported by Nekhelesh Ramananthan on 2014-07-10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu Clock App
Status tracked in Trunk
Victor Thompson
apparmor-easyprof-ubuntu (Ubuntu)
Jamie Strandboge

Bug Description

The new clock app will provide support for choosing a custom ringtone when creating an alarm. The ringtones can be found at /usr/share/sounds/ubuntu/ringtones. However on the phone, while trying to read that folder I get the error,

root@ubuntu-phablet:~# sudo dmesg -T | grep DEN
[Wed Jul 9 14:55:31 2014] type=1400 audit(1404910531.073:159): apparmor="DENIED" operation="open" profile="com.ubuntu.clock.devel_ubuntu-clock-app_0.1" name="/usr/share/sounds/ubuntu/ringtones/" pid=7553 comm="FileInfoThread" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0

I cannot find any security policies that would allow reading from this folder.

Related branches

Victor Thompson (vthompson) wrote :

Nekhelesh, the following should work:

    "policy_version": 1.2,
    "policy_groups": [
    "read_path": [

Jamie Strandboge (jdstrand) wrote :

Using read_path would work, but use of read_path is discouraged (music-app is still special in this regard). No worries though, the fix is in apparmor-easyprof-ubuntu 1.2.9 which is in utopic-proposed now and finding its way to the archive. Note, you'll have to specify the "audio" policy group now.

Changed in apparmor-easyprof-ubuntu (Ubuntu):
status: New → Fix Committed
importance: Undecided → High
assignee: nobody → Jamie Strandboge (jdstrand)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor-easyprof-ubuntu - 1.2.9

apparmor-easyprof-ubuntu (1.2.9) utopic; urgency=medium

  * ubuntu/webview:
    - adjust to allow oxide_render access to WebCore databases (LP: #1339724)
    - adjust for updated path for QML web plugin (LP: #1339777)
  * ubuntu/1.2: add new push-notification-client policy group
  * ubuntu/ubuntu-{sdk,webapp}: adjust for updated path for QML web plugin
  * ubuntu/audio: allow read access for /usr/share/sounds and
    /custom/usr/share/sounds (LP: #1340326)
  * ubuntu/audio: allow write access to /android/micshm (LP: #1337582)
 -- Jamie Strandboge <email address hidden> Thu, 10 Jul 2014 12:28:30 -0500

Changed in apparmor-easyprof-ubuntu (Ubuntu):
status: Fix Committed → Fix Released
Changed in ubuntu-clock-app:
status: New → In Progress
assignee: nobody → Victor Thompson (vthompson)
Victor Thompson (vthompson) wrote :

apparmor-easyprof-ubuntu v1.2.9 landed in image #125 [1]


Changed in ubuntu-clock-app:
status: In Progress → Fix Released
importance: Undecided → High
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers