system crash reports not opened with my default browser

Bug #1287460 reported by Brian Murray on 2014-03-04
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
High
Martin Pitt
update-notifier (Ubuntu)
Undecided
Unassigned

Bug Description

When I receive a crash notification for a system crash (one that requires root to read and write to the .crash file) and I choose to report the bug, the bug report is opened with chromium instead of firefox (my default browser). Looking apport/ui.py we see:

        # If we are called through sudo, determine the real user id and run the
        # browser with it to get the user's web browser settings.
        try:
            uid = int(os.getenv('PKEXEC_UID', os.getenv('SUDO_UID')))
            sudo_prefix = ['sudo', '-H', '-u', '#' + str(uid)]
        except TypeError:
            sudo_prefix = []

        try:
            try:
                subprocess.call(sudo_prefix + ['xdg-open', url])
            except OSError as e:
                # fall back to webbrowser
                webbrowser.open(url, new=True, autoraise=True)
                sys.exit(0)

running 'xdg-open "http://www.google.com"' opens google in firefox, however starting a root shell via "sudo -i" and running
'sudo -H -u \#1000 xdg-open "http://www.google.com"' opens google in chromium-browser. Further more, running 'xdg-open "http://www.google.com"' as root presents me with a warning about refusing to start chromium as root so it seems that the xdg-open call is using root's preferred browser and not mine.

Related branches

tags: added: trusty
Changed in apport (Ubuntu):
importance: Undecided → High
assignee: nobody → Martin Pitt (pitti)
Martin Pitt (pitti) on 2014-03-07
Changed in apport (Ubuntu):
status: New → Triaged
Changed in update-notifier (Ubuntu):
status: New → Triaged
Martin Pitt (pitti) wrote :

xdg-open relies on $KDE_FULL_SESSION and $GNOME_DESKTOP_SESSION_ID ($DBUS_SESSION_BUS_ADDRESS would also be helpful), which we somehow need to funnel through pkexec. Without that, it just calls x-www-browser which has no idea about the user's preferred browser.

Martin Pitt (pitti) wrote :

Passing around environment variables through files or through env makes the whole thing a security hole, so this now grabs the D-BUS session address from the running session's gvfsd process, if possible. This fixes the bug for me:

http://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/2772

Changed in update-notifier (Ubuntu):
status: Triaged → Invalid
Changed in apport (Ubuntu):
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.13.3-0ubuntu1

---------------
apport (2.13.3-0ubuntu1) trusty; urgency=medium

  [ Martin Pitt ]
  * New upstream release:
    - etc/cron.daily/apport: Cleanup .drkonqi files after 7 days. Thanks Harald
      Sitter.
    - ui.py: Try to grab session D-BUS address from user's session when being
      called through pkexec. (LP: #1287460)

  [ Brian Murray ]
  * data/package-hooks/source_linux.py: ensure dupe_sig1 and dupe_sig2 are
    None if they are not found
 -- Martin Pitt <email address hidden> Fri, 07 Mar 2014 16:34:45 +0100

Changed in apport (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers