chromium-browser profile is too noisy for version 50.0.2661.102-0ubuntu0.16.04.1.1237

Bug #1594589 reported by luca on 2016-06-20
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
Undecided
Unassigned

Bug Description

Just by running chromium I get these complaints:

Jun 20 20:53:22 omicron kernel: [69605.494311] audit: type=1400 audit(1466448802.236:2558): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/sys/devices/system/cpu/cpufreq/policy0/cpuinfo_max_freq" pid=23577 comm="chromium-browse" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0 Jun 20 20:53:22 omicron kernel: [69605.555829] audit: type=1400 audit(1466448802.296:2559): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/23610/setgroups" pid=23610 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1001 ouid=1001 Jun 20 20:53:22 omicron kernel: [69605.555895] audit: type=1400 audit(1466448802.296:2560): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/23610/uid_map" pid=23610 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1001 ouid=1001 Jun 20 20:53:22 omicron kernel: [69605.555952] audit: type=1400 audit(1466448802.296:2561): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/23610/gid_map" pid=23610 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1001 ouid=1001 Jun 20 20:53:24 omicron kernel: [69607.268592] audit: type=1400 audit(1466448804.008:2562): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/sys/devices/system/cpu/cpufreq/policy0/cpuinfo_max_freq" pid=23610 comm="chromium-browse" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0 Jun 20 20:53:24 omicron kernel: [69607.299658] audit: type=1400 audit(1466448804.040:2563): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/1/stat" pid=23610 comm="chromium-browse" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0 Jun 20 20:53:24 omicron kernel: [69607.341170] audit: type=1400 audit(1466448804.080:2564): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/23610/setgroups" pid=23610 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1001 ouid=1001 Jun 20 20:53:24 omicron kernel: [69607.341225] audit: type=1400 audit(1466448804.080:2565): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/23610/gid_map" pid=23610 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1001 ouid=1001 Jun 20 20:53:24 omicron kernel: [69607.341272] audit: type=1400 audit(1466448804.080:2566): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/23610/uid_map" pid=23610 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1001 ouid=1001

I also get very annoying popup notifications for these...

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.12-4ubuntu5

---------------
apparmor (2.12-4ubuntu5) bionic; urgency=medium

  [ Didier Roche ]
  * debian/patches/ubuntu/communitheme-snap-support.patch:
    - support communitheme snap (LP: #1762983)

  [ Jamie Strandboge ]
  * debian/patches/ubuntu/add-chromium-browser.patch: adjust for newer
    chromium (LP: #1101298, LP: #1594589, LP: #1647142)
    - add attach_disconnected
    - allow reading /proc/vmstat
    - don't require owner match for /proc/pid/{stat,status} and task
      counterparts
    - adjust pci[0-9] to be pci[0-9a-f]
    - allow reading all uevents and /sys/devices/virtual/tty/tty0/active
    - allow ptracing xdgsettings and lsb-release
    - xdgsettings uses head and tr and looks at /usr/share/ubuntu/applications/
    - lsb-release uses python 3.6 and looks at apport, apt.conf, dpkg and
      distro-info
    - use 'm' on on sandbox
  * debian/patches/ubuntu/mimeinfo-snap-support.patch: allow reading
    /var/lib/snapd/desktop/applications *.desktop and mimeinfo.cache
    (LP: #1712039)

 -- Jamie Strandboge <email address hidden> Tue, 17 Apr 2018 20:15:16 +0000

Changed in apparmor (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers