system crash reports not opened with my default browser

Bug #1287460 reported by Brian Murray on 2014-03-04
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
Martin Pitt
update-notifier (Ubuntu)

Bug Description

When I receive a crash notification for a system crash (one that requires root to read and write to the .crash file) and I choose to report the bug, the bug report is opened with chromium instead of firefox (my default browser). Looking apport/ we see:

        # If we are called through sudo, determine the real user id and run the
        # browser with it to get the user's web browser settings.
            uid = int(os.getenv('PKEXEC_UID', os.getenv('SUDO_UID')))
            sudo_prefix = ['sudo', '-H', '-u', '#' + str(uid)]
        except TypeError:
            sudo_prefix = []

       + ['xdg-open', url])
            except OSError as e:
                # fall back to webbrowser
      , new=True, autoraise=True)

running 'xdg-open ""' opens google in firefox, however starting a root shell via "sudo -i" and running
'sudo -H -u \#1000 xdg-open ""' opens google in chromium-browser. Further more, running 'xdg-open ""' as root presents me with a warning about refusing to start chromium as root so it seems that the xdg-open call is using root's preferred browser and not mine.

Related branches

tags: added: trusty
Changed in apport (Ubuntu):
importance: Undecided → High
assignee: nobody → Martin Pitt (pitti)
Martin Pitt (pitti) on 2014-03-07
Changed in apport (Ubuntu):
status: New → Triaged
Changed in update-notifier (Ubuntu):
status: New → Triaged
Martin Pitt (pitti) wrote :

xdg-open relies on $KDE_FULL_SESSION and $GNOME_DESKTOP_SESSION_ID ($DBUS_SESSION_BUS_ADDRESS would also be helpful), which we somehow need to funnel through pkexec. Without that, it just calls x-www-browser which has no idea about the user's preferred browser.

Martin Pitt (pitti) wrote :

Passing around environment variables through files or through env makes the whole thing a security hole, so this now grabs the D-BUS session address from the running session's gvfsd process, if possible. This fixes the bug for me:

Changed in update-notifier (Ubuntu):
status: Triaged → Invalid
Changed in apport (Ubuntu):
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.13.3-0ubuntu1

apport (2.13.3-0ubuntu1) trusty; urgency=medium

  [ Martin Pitt ]
  * New upstream release:
    - etc/cron.daily/apport: Cleanup .drkonqi files after 7 days. Thanks Harald
    - Try to grab session D-BUS address from user's session when being
      called through pkexec. (LP: #1287460)

  [ Brian Murray ]
  * data/package-hooks/ ensure dupe_sig1 and dupe_sig2 are
    None if they are not found
 -- Martin Pitt <email address hidden> Fri, 07 Mar 2014 16:34:45 +0100

Changed in apport (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers