2014-09-26 13:46:55 |
Jamie Strandboge |
description |
When setting /etc/apparmor.d/usr.bin.chromium-browser to enforced mode, chromium browser no longer starts on fully updated utopic as of today.
In the previous weeks this worked without problems, so something broke recently.
With chromium in enforced mode I get "Could not close socketpair: Permission denied" when trying to launch chromium-browser. |
When setting /etc/apparmor.d/usr.bin.chromium-browser to enforced mode, chromium browser no longer starts on fully updated utopic as of today.
In the previous weeks this worked without problems, so something broke recently.
With chromium in enforced mode I get "Could not close socketpair: Permission denied" when trying to launch chromium-browser.
Denial:
audit: type=1400 audit(1411739070.115:113): apparmor="DENIED" operation="socket_shutdown" profile="/usr/lib/chromium-browser/chromium-browser//chromium_browser_sandbox" pid=4131 comm="chrome-sandbox" family="unix" sock_type="stream" protocol=0 requested_mask="shutdown" denied_mask="shutdown" addr=none
This rule is present:
unix (getattr, getopt, setopt, shutdown) peer=(addr=none),
but it should be:
unix (getattr, getopt, setopt, shutdown) addr=none, |
|