Ubuntu
libreoffice package

audit spam in dmesg (libreoffice)

Bug #1849680 reported by Christian Pernegger
28
This bug affects 5 people
Affects Status Importance Assigned to Milestone
libreoffice (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

My dmesg is getting flooded by apparmor audit messages, mostly from libreoffice (profiles libreoffice-soffice and libreoffice-oosplash):

$ dmesg | tail -n 25
[13682.452555] audit: type=1400 audit(1571920851.001:3672): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=17792 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[13682.453430] audit: type=1400 audit(1571920851.001:3673): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=17792 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[13682.453933] audit: type=1400 audit(1571920851.001:3674): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/libdrm/amdgpu.ids" pid=17792 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[13682.455491] audit: type=1400 audit(1571920851.005:3675): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/home/chris/.cache/mesa_shader_cache/index" pid=17792 comm="soffice.bin" requested_mask="wrc" denied_mask="wrc" fsuid=1000 ouid=1000
[13682.604100] audit: type=1400 audit(1571920851.153:3676): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/home/chris/.local/share/gvfs-metadata/smb-share:server=buddha,share=chris" pid=17791 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
[13682.604138] audit: type=1400 audit(1571920851.153:3677): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/home/chris/.local/share/gvfs-metadata/smb-share:server=buddha,share=chris-22028640.log" pid=17791 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
[13683.097648] audit: type=1400 audit(1571920851.645:3678): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/home/chris/.mozilla/firefox/vq2zzheq.chris-2019-09/cert8.db" pid=17791 comm="soffice.bin" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
[16676.510664] kauditd_printk_skb: 1210 callbacks suppressed
[16676.510665] audit: type=1400 audit(1571923845.047:4889): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=18543 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16676.511473] audit: type=1400 audit(1571923845.047:4890): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=18543 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16676.550636] audit: type=1400 audit(1571923845.087:4891): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=18543 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16676.551394] audit: type=1400 audit(1571923845.087:4892): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=18543 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16676.552145] audit: type=1400 audit(1571923845.087:4893): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=18543 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16676.552568] audit: type=1400 audit(1571923845.087:4894): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/usr/share/libdrm/amdgpu.ids" pid=18543 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16676.553912] audit: type=1400 audit(1571923845.091:4895): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/home/chris/.cache/mesa_shader_cache/index" pid=18543 comm="soffice.bin" requested_mask="wrc" denied_mask="wrc" fsuid=1000 ouid=1000
[16694.388901] audit: type=1400 audit(1571923862.923:4896): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/proc/18541/mountinfo" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
[16694.388972] audit: type=1400 audit(1571923862.923:4897): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/proc/18541/cgroup" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
[16694.388992] audit: type=1400 audit(1571923862.923:4898): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/memory/memory.limit_in_bytes" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389011] audit: type=1400 audit(1571923862.923:4899): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389017] audit: type=1400 audit(1571923862.923:4900): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_period_us" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389022] audit: type=1400 audit(1571923862.923:4901): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/cpu,cpuacct/cpu.shares" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389028] audit: type=1400 audit(1571923862.923:4902): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389032] audit: type=1400 audit(1571923862.923:4903): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_period_us" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389036] audit: type=1400 audit(1571923862.923:4904): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/cpu,cpuacct/cpu.shares" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[16694.389040] audit: type=1400 audit(1571923862.923:4905): apparmor="ALLOWED" operation="open" profile="libreoffice-soffice" name="/sys/fs/cgroup/memory/memory.limit_in_bytes" pid=18541 comm="soffice.bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

$ journalctl -b | grep audit | wc -l
6150

Note the "kauditd_printk_skb: 1210 callbacks suppressed" above, such lines are interspersed regularly.

This is on a minimal install of 18.04.3 with libreoffice manually added. I haven't touched the apparmor configuration.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: apparmor 2.12-4ubuntu5.1
ProcVersionSignature: Ubuntu 5.0.0-32.34~18.04.2-generic 5.0.21
Uname: Linux 5.0.0-32-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.7
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Oct 24 15:46:53 2019
InstallationDate: Installed on 2019-09-23 (30 days ago)
InstallationMedia: Ubuntu 18.04.3 LTS "Bionic Beaver" - Release amd64 (20190805)
ProcKernelCmdline: BOOT_IMAGE=/@/boot/vmlinuz-5.0.0-32-generic root=UUID=7cf22442-68f1-433a-981f-b266ceb58484 ro rootflags=subvol=@ quiet splash vt.handoff=1
SourcePackage: apparmor
Syslog:
 Oct 24 10:51:43 kenny dbus-daemon[19581]: [session uid=1000 pid=19581] AppArmor D-Bus mediation is enabled
 Oct 24 10:52:51 kenny dbus-daemon[1019]: [system] AppArmor D-Bus mediation is enabled
 Oct 24 10:52:54 kenny dbus-daemon[1164]: [session uid=121 pid=1164] AppArmor D-Bus mediation is enabled
 Oct 24 10:53:03 kenny dbus-daemon[1979]: [session uid=1000 pid=1979] AppArmor D-Bus mediation is enabled
 Oct 24 10:53:58 kenny dbus-daemon[2727]: [session uid=0 pid=2725] AppArmor D-Bus mediation is enabled
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Christian Pernegger (fallenguru) wrote :
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

libreoffice ships this profile, so the bug should be tracked there.

affects: apparmor (Ubuntu) → libreoffice (Ubuntu)
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

For the next libreoffice upload, the non-/home read-only accesses all look fine to add to the libreoffice profile.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libreoffice (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.