Ubuntu
firefox package

usr.bin.firefox apparmor profile blocks access to VFS services

Bug #1553763 reported by Jean-Philippe Guérard
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
New
Undecided
Unassigned

Bug Description

When I launch Firefox with apparmor enabled, I get the following errors:

Mar 6 17:31:04 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon" member="ListMonitorImplementations" mask="send" name=":1.43" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4206 peer_label="unconfined"
Mar 6 17:31:13 tigreraye dbus[4030]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/gtk/vfs/metadata" interface="org.gtk.vfs.Metadata" member="Set" mask="send" name=":1.100" pid=4480 label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=4437 peer_label="unconfined"

Adding the following lines to the apparmor profile fixes the issue:

dbus send bus=session path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon" member="ListMonitorImplementations",
dbus send bus=session path="/org/gtk/vfs/metadata" interface="org.gtk.vfs.Metadata" member="Set",

Revision history for this message
Thomas Mayer (thomas303) wrote :

Not a duplicate of bug #1659988 (which is about python 3.5 support).

Revision history for this message
Thomas Mayer (thomas303) wrote :

Patched it in VERSION 7 of my patch, available at https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659988/comments/30

Revision history for this message
Alex L. (alexandr-lishchuk) wrote :

How can I help to make valid patch for for those that are still on 14.04 (like me)?
Patching VERSION 7 is not successful for profile:

patching file usr.bin.firefox
Hunk #3 succeeded at 88 (offset -15 lines).
Hunk #4 succeeded at 92 (offset -15 lines).
Hunk #5 succeeded at 118 (offset -20 lines).
Hunk #6 succeeded at 227 (offset -20 lines).
Hunk #7 succeeded at 231 (offset -20 lines).
Hunk #8 FAILED at 256.
Hunk #9 FAILED at 258.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.