Ubuntu
firefox package

  1. Bug #1659988
  2. Comment #27

Comment 27 for bug 1659988

Revision history for this message
Sziráki Tamás (sziraki.tamas) wrote :

@Thomas Mayer (thomas303)
Using your profile in #21, also, I take FF in enforce mode but partly always fall back to unconfined mode while the apparmor_status shows the complete FF in enforced mode. The download and upload only to and from a special folder does not work.

Part of kern.log:
Jan 31 21:10:17 tom kernel: [127276.261000] audit: type=1400 audit(1485893417.670:57134): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=27913 comm="apparmor_parser"
Jan 31 21:10:17 tom kernel: [127276.276889] audit: type=1400 audit(1485893417.686:57135): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//browser_java" pid=27913 comm="apparmor_parser"
Jan 31 21:10:17 tom kernel: [127276.276914] audit: type=1400 audit(1485893417.686:57136): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//browser_openjdk" pid=27913 comm="apparmor_parser"
Jan 31 21:10:17 tom kernel: [127276.276925] audit: type=1400 audit(1485893417.686:57137): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//lsb_release" pid=27913 comm="apparmor_parser"
Jan 31 21:10:17 tom kernel: [127276.276936] audit: type=1400 audit(1485893417.686:57138): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//sanitized_helper" pid=27913 comm="apparmor_parser"
Jan 31 21:10:24 tom kernel: [127282.852615] audit: type=1400 audit(1485893424.262:57139): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=27918 comm="apparmor_parser"
Jan 31 21:10:24 tom kernel: [127282.876766] audit: type=1400 audit(1485893424.286:57140): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//browser_java" pid=27918 comm="apparmor_parser"
Jan 31 21:10:24 tom kernel: [127282.877369] audit: type=1400 audit(1485893424.286:57141): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//browser_openjdk" pid=27918 comm="apparmor_parser"
Jan 31 21:10:24 tom kernel: [127282.877675] audit: type=1400 audit(1485893424.286:57142): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//lsb_release" pid=27918 comm="apparmor_parser"
Jan 31 21:10:24 tom kernel: [127282.877960] audit: type=1400 audit(1485893424.286:57143): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/firefox/firefox{,*[^s][^h]}//sanitized_helper" pid=27918 comm="apparmor_parser"