Ubuntu
apparmor package

Bug #851977
Activity log

Activity log for bug #851977

Date	Who	What changed	Old value	New value	Message
2011-09-16 15:21:02	Micah Gersten	bug			added bug
2011-09-16 15:26:32	Micah Gersten	description	WIth enforce on: Sep 16 10:16:58 defiant kernel: [53172.876586] type=1400 audit(1316186218.365:44): apparmor="DENIED" operation="exec" parent=9476 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9477 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 with complain on: Sep 16 10:19:58 defiant kernel: [53352.603163] type=1400 audit(1316186398.096:48): apparmor="ALLOWED" operation="exec" parent=9696 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9697 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" Sep 16 10:19:58 defiant kernel: [53352.692550] type=1400 audit(1316186398.186:49): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692564] type=1400 audit(1316186398.186:50): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692623] type=1400 audit(1316186398.186:51): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692645] type=1400 audit(1316186398.186:52): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692660] type=1400 audit(1316186398.186:53): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705596] type=1400 audit(1316186398.196:54): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705617] type=1400 audit(1316186398.196:55): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705631] type=1400 audit(1316186398.196:56): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705693] type=1400 audit(1316186398.196:57): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.2990.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0	Note: this is important for xubuntu, mythubuntu, and ubuntustudio which all use exo-utils in their default install With enforce on: Sep 16 10:16:58 defiant kernel: [53172.876586] type=1400 audit(1316186218.365:44): apparmor="DENIED" operation="exec" parent=9476 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9477 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 with complain on: Sep 16 10:19:58 defiant kernel: [53352.603163] type=1400 audit(1316186398.096:48): apparmor="ALLOWED" operation="exec" parent=9696 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9697 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" Sep 16 10:19:58 defiant kernel: [53352.692550] type=1400 audit(1316186398.186:49): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692564] type=1400 audit(1316186398.186:50): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692623] type=1400 audit(1316186398.186:51): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692645] type=1400 audit(1316186398.186:52): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692660] type=1400 audit(1316186398.186:53): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705596] type=1400 audit(1316186398.196:54): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705617] type=1400 audit(1316186398.196:55): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705631] type=1400 audit(1316186398.196:56): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705693] type=1400 audit(1316186398.196:57): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.2990.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
2011-09-16 15:54:32	Micah Gersten	description	Note: this is important for xubuntu, mythubuntu, and ubuntustudio which all use exo-utils in their default install With enforce on: Sep 16 10:16:58 defiant kernel: [53172.876586] type=1400 audit(1316186218.365:44): apparmor="DENIED" operation="exec" parent=9476 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9477 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 with complain on: Sep 16 10:19:58 defiant kernel: [53352.603163] type=1400 audit(1316186398.096:48): apparmor="ALLOWED" operation="exec" parent=9696 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9697 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" Sep 16 10:19:58 defiant kernel: [53352.692550] type=1400 audit(1316186398.186:49): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692564] type=1400 audit(1316186398.186:50): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692623] type=1400 audit(1316186398.186:51): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692645] type=1400 audit(1316186398.186:52): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692660] type=1400 audit(1316186398.186:53): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705596] type=1400 audit(1316186398.196:54): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705617] type=1400 audit(1316186398.196:55): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705631] type=1400 audit(1316186398.196:56): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705693] type=1400 audit(1316186398.196:57): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.2990.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0	TEST CASE: 1. sudo aa-enforce /usr/bin/firefox on a derivative that uses exo 2. download a file 3. in the downloads window, right click on the download and click open Note: this is important for xubuntu, mythubuntu, and ubuntustudio which all use exo-utils in their default install With enforce on: Sep 16 10:16:58 defiant kernel: [53172.876586] type=1400 audit(1316186218.365:44): apparmor="DENIED" operation="exec" parent=9476 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9477 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 with complain on: Sep 16 10:19:58 defiant kernel: [53352.603163] type=1400 audit(1316186398.096:48): apparmor="ALLOWED" operation="exec" parent=9696 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}" name="/usr/bin/exo-open" pid=9697 comm="firefox-trunk" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" Sep 16 10:19:58 defiant kernel: [53352.692550] type=1400 audit(1316186398.186:49): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692564] type=1400 audit(1316186398.186:50): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/etc/ld.so.cache" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692623] type=1400 audit(1316186398.186:51): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692645] type=1400 audit(1316186398.186:52): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.692660] type=1400 audit(1316186398.186:53): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/libexo-1.so.0.0.0" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705596] type=1400 audit(1316186398.196:54): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705617] type=1400 audit(1316186398.196:55): apparmor="ALLOWED" operation="getattr" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705631] type=1400 audit(1316186398.196:56): apparmor="ALLOWED" operation="file_mmap" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.6" pid=9697 comm="exo-open" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0 Sep 16 10:19:58 defiant kernel: [53352.705693] type=1400 audit(1316186398.196:57): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/lib/firefox-trunk-9.0a1/firefox{,[^s][^h]}//null-1b" name="/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.2990.0" pid=9697 comm="exo-open" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
2011-09-16 15:54:43	Micah Gersten	tags		testcase
2012-01-03 20:32:23	Jamie Strandboge	apparmor (Ubuntu): status	New	In Progress
2012-01-03 20:32:23	Jamie Strandboge	apparmor (Ubuntu): assignee		Jamie Strandboge (jdstrand)
2012-01-03 23:29:59	Jamie Strandboge	apparmor (Ubuntu): status	In Progress	Fix Committed
2012-01-12 14:40:19	Launchpad Janitor	apparmor (Ubuntu): status	Fix Committed	Fix Released
2012-01-12 15:16:23	Launchpad Janitor	branch linked		lp:ubuntu/apparmor
2012-02-09 21:37:37	Launchpad Janitor	branch linked		lp:~kees/apparmor/debian

Ubuntuapparmor package

Activity log for bug #851977

Ubuntu
apparmor package