apparmor prevents firefox from starting for an user who belongs to an Active Directory domain
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: firefox-3.5
on karmic, apparmor prevents an active directory user from starting firefox. An active directory user has his home in a folder following the pattern
/home/DOMAIN/user/
and this is probably the cause of the misbehavior. An user not belonging to Active Directory will be able to start FF when apparmor is on.
starting firefox when AppArmor is off will enable the Active Directory users to see the ubuntu "search page" (default home page for FF3.5.3).
As an evidence, the /var/log/kern.log lines follow. they're related to the lock operations on the FF .parentlock. It seems that the k mask is being denied.
Oct 23 09:23:52 ly-qa-bellinux kernel: [88349.452412] type=1503 audit(125628263
Oct 23 09:23:53 ly-qa-bellinux kernel: [88349.874611] type=1503 audit(125628263
Oct 23 09:23:53 ly-qa-bellinux kernel: [88349.877534] type=1503 audit(125628263
Oct 23 09:23:53 ly-qa-bellinux kernel: [88349.879828] type=1503 audit(125628263
ProblemType: Bug
Architecture: i386
Date: Fri Oct 23 09:29:17 2009
DistroRelease: Ubuntu 9.10
Package: firefox-3.5 3.5.3+build1+
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSign
SourcePackage: firefox-3.5
Uname: Linux 2.6.31-14-generic i686
Thank you for the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this bug has already been reported. Please review https:/ /wiki.ubuntu. com/DebuggingAp parmor# Adjusting% 20Tunables as well as the information and solution in bug #447292.