Comment 0 for bug 1934005

In Focal, abstractions/X has the following section in it:

  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* rw,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),

However, in Impish, this seems to have changed:

  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* r,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),

This in turn breaks torbrowser-launcher's Firefox from launching, even if we include the X abstractions, because the display sockets in /tmp/.X11-unix/* (X0 for Display :0 for example) are not read/write.

This looks like a MAJOR regression by removing the permissions. Or has Impish apparmor not been updated for any Ubuntu specific changes?

ProblemType: Bug
DistroRelease: Ubuntu 21.10
Package: apparmor 3.0.0-0ubuntu8
ProcVersionSignature: Ubuntu 5.11.0-20.21+21.10.1-generic 5.11.21
Uname: Linux 5.11.0-20-generic x86_64
ApportVersion: 2.20.11-0ubuntu67
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: LXQt
Date: Tue Jun 29 14:39:00 2021
InstallationDate: Installed on 2021-06-29 (0 days ago)
InstallationMedia: Lubuntu 21.10 "Impish Indri" - Alpha amd64 (20210628)
ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-5.11.0-20-generic root=UUID=d042602b-0900-4b2e-acb1-f67436e9805f ro quiet splash vt.handoff=7
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)