Ubuntu
apparmor package

Bug #964510
Activity log

Activity log for bug #964510

Date	Who	What changed	Old value	New value	Message
2012-03-25 12:20:58	Jaromir Obr	bug			added bug
2012-03-25 16:27:23	Jamie Strandboge	tags	amd64 apport-bug precise	amd64 apparmor apport-bug precise
2012-03-25 16:29:44	Jamie Strandboge	apparmor (Ubuntu): status	New	Triaged
2012-03-25 16:35:34	Jamie Strandboge	apparmor (Ubuntu): importance	Undecided	Low
2012-04-09 05:52:27	varangamaiky	bug			added subscriber varangamaiky
2012-05-01 19:44:29	tnhh	bug			added subscriber tnhh
2012-05-02 13:05:32	Jamie Strandboge	description	1) Set Google Chrome as a default web browser 2) Evince: Open a PDF file containing an URL (HTTP) 3) Evince: Click on the link Expected result: URL is opened in Google Chrome Actual result: URL isn't opened in Google Chrome: /opt/google/chrome/google-chrome: line 42: /opt/google/chrome/chrome: Permission denied /opt/google/chrome/google-chrome: line 42: /opt/google/chrome/chrome: Success syslog: Mar 25 13:26:44 turion kernel: [ 675.919249] type=1400 audit(1332674804.672:24): apparmor="DENIED" operation="exec" parent=1 profile="/usr/bin/evince//sanitized_helper" name="/opt/google/chrome/chrome" pid=3820 comm="google-chrome" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 Workaround: Add "/opt/google/chrome/google-chrome Ux," into /etc/apparmor.d/abstractions/ubuntu-browsers and restart apparmor service Used SW: Ubuntu 12.04 LTS (beta 1) kernel 3.2.0-20-generic x86_64 Google Chrome 17.0.963.83 evince 3.3.92-0ubuntu2 apparmor 2.7.102-0ubuntu1 ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: apparmor 2.7.102-0ubuntu1 ProcVersionSignature: Ubuntu 3.2.0-20.32-generic 3.2.12 Uname: Linux 3.2.0-20-generic x86_64 ApportVersion: 1.95-0ubuntu1 Architecture: amd64 Date: Sun Mar 25 14:11:23 2012 InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64+mac (20111011) ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-3.2.0-20-generic root=/dev/mapper/Data-Root ro splash quiet vt.handoff=7 SourcePackage: apparmor UpgradeStatus: Upgraded to precise on 2012-03-03 (21 days ago)	SRU Justification: Impact: when chromium-browser or Google Chrome are set as the default browser, the user is unable to open links via PDF files Development fix: the fix will be applied to Quantal via pocket copy of this SRU. Stable fix: this was fixed in r2039 by adding the following to /etc/apparmor.d/abstractions/ubuntu-helpers: # While the chromium and chrome sandboxes are setuid root, they only link # in limited libraries so glibc's secure execution should be enough to not # require the santized_helper (ie, LD_PRELOAD will only use standard system # paths (man ld.so)). /usr/lib/chromium-browser/chromium-browser-sandbox PUxr, /opt/google/chrome/chrome-sandbox PUxr, /opt/google/chrome/google-chrome Pixr, /opt/google/chrome/chrome Pixr, /opt/google/chrome/lib.so{,.} m, TEST CASE: 1. Install chromium-browser and/or Google Chrome 2. Launch chromium-browser (or Chrome) and set it as the default web browser 3. Open a PDF with a link in it (attached) in evince and click on the link. At this point, chromium-browser (or Chrome) should open to the link specified. Without the patch, it does not open and there are AppArmor denials in /var/log/kern.log. Regression potential: the regression potential is considered low. Launching chromium-browser and Chrome via evince is currently broken, so there is no regression potential there, however ubuntu-helpers is included by the (disable by default) firefox profile so a mistake in the added policy could prevent firefox policy from loading.
2012-05-02 13:05:40	Jamie Strandboge	nominated for series		Ubuntu Precise
2012-05-02 13:05:40	Jamie Strandboge	bug task added		apparmor (Ubuntu Precise)
2012-05-02 13:05:40	Jamie Strandboge	nominated for series		Ubuntu Quantal
2012-05-02 13:05:40	Jamie Strandboge	bug task added		apparmor (Ubuntu Quantal)
2012-05-02 13:05:48	Jamie Strandboge	apparmor (Ubuntu Precise): status	New	Triaged
2012-05-02 13:05:51	Jamie Strandboge	apparmor (Ubuntu Precise): importance	Undecided	Low
2012-05-02 13:06:05	Jamie Strandboge	summary	Evince cannot open HTTP link in Google Chrome	Evince cannot open HTTP link in Google Chrome or chromium-browser
2012-05-02 13:06:14	Jamie Strandboge	apparmor (Ubuntu Precise): milestone		precise-updates
2012-05-02 13:08:23	Jamie Strandboge	attachment added		test_hyperlink.pdf https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/964510/+attachment/3125040/+files/test_hyperlink.pdf
2012-06-13 15:20:31	scottku	bug			added subscriber scottku
2012-06-22 13:17:27	Jamie Strandboge	attachment added		apparmor_2.7.102-0ubuntu6.debdiff https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/964510/+attachment/3200281/+files/apparmor_2.7.102-0ubuntu6.debdiff
2012-06-22 13:17:43	Jamie Strandboge	apparmor (Ubuntu Quantal): assignee		Steve Beattie (sbeattie)
2012-06-22 13:17:49	Jamie Strandboge	apparmor (Ubuntu Quantal): milestone		quantal-alpha-3
2012-06-22 16:20:33	Ubuntu Foundations Team Bug Bot	tags	amd64 apparmor apport-bug precise	amd64 apparmor apport-bug patch precise
2012-07-05 15:33:54	Jamie Strandboge	apparmor (Ubuntu Quantal): status	Triaged	In Progress
2012-07-05 15:33:58	Jamie Strandboge	apparmor (Ubuntu Quantal): assignee	Steve Beattie (sbeattie)	Jamie Strandboge (jdstrand)
2012-07-05 18:00:12	Launchpad Janitor	apparmor (Ubuntu Quantal): status	In Progress	Fix Released
2012-07-05 18:16:02	Launchpad Janitor	branch linked		lp:ubuntu/apparmor
2012-09-05 21:30:29	Yevgen Antimirov	bug			added subscriber Eugene Antimirov
2012-10-25 01:56:01	Neal McBurnett	bug			added subscriber Neal McBurnett
2012-12-25 14:26:19	mazurkin	bug			added subscriber mazurkin
2012-12-28 02:53:06	Kip Warner	bug			added subscriber Kip Warner
2013-07-08 18:32:45	Launchpad Janitor	branch linked		lp:~kees/apparmor/debian
2013-12-30 04:36:19	Alad Wenter	bug			added subscriber Previous1
2017-05-05 21:42:54	scottku	removed subscriber scottku
2021-10-14 01:31:58	Steve Langasek	apparmor (Ubuntu Precise): status	Triaged	Won't Fix

Ubuntuapparmor package

Activity log for bug #964510

Ubuntu
apparmor package