Ubuntu
evince package

Support nimf in evince debian/apparmor-profile

Bug #1569863 reported by Hodong Kim
28
This bug affects 6 people
Affects Status Importance Assigned to Milestone
evince (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Hello.

I am a nimf developer. Nimf is an input method framework based on Unix Socket.
For more information look at https://github.com/cogniti/nimf

Current evince profile has the following denials:

---
kern.log:Apr 5 11:32:28 hodong-desktop kernel: [ 23.036294] audit: type=1400 audit(1459823548.936:22): apparmor="DENIED" operation="connect" profile="/usr/bin/evince" pid=1565 comm="evince" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr="@unix:abstract=nimf" peer="unconfined"
---

So, I added /etc/apparmor.d/abstractions/nimf in nimf project.
https://github.com/cogniti/nimf/blob/c14a66e7a2fb2e5363a26d07a963cf9e911ea005/data/apparmor-abstractions/nimf

---
# vim:syntax=apparmor

  # Allow connecting to the nimf-daemon socket
  unix (send, receive, connect)
       type=stream
       peer=(addr="@unix:abstract=nimf"),
---

And modified /etc/apparmor.d/usr.bin.evince in Ubuntu 16.04

hodong@desktop:~/Downloads/debian$ diff -Nurp apparmor-profile apparmor-profile-new
--- apparmor-profile 2016-03-09 06:38:47.000000000 +0900
+++ apparmor-profile-new 2016-04-13 21:07:33.231782000 +0900
@@ -13,6 +13,7 @@
   #include <abstractions/dbus-accessibility>
   #include <abstractions/evince>
   #include <abstractions/ibus>
+ #include <abstractions/nimf>
   #include <abstractions/nameservice>

   #include <abstractions/ubuntu-browsers>
@@ -120,6 +121,7 @@
   #include <abstractions/dbus-strict>
   #include <abstractions/evince>
   #include <abstractions/ibus>
+ #include <abstractions/nimf>
   #include <abstractions/nameservice>

   #include <abstractions/ubuntu-browsers>

Then it works fine.
Would you support nimf input method in Ubuntu evince profile?
Please modify debian/apparmor-profile as mentioned above.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in evince (Ubuntu):
status: New → Confirmed
Revision history for this message
Hodong Kim (hodong) wrote :

I have updated https://github.com/cogniti/nimf/blob/master/data/apparmor-abstractions/nimf

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.