Ubuntu
firefox package

apparmor profile for Firefox should allow /dev/video0 access

Bug #860880 reported by Guillaume
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
Won't Fix
Undecided
Unassigned

Bug Description

Hello,

With Firefox 6.0.2 apparmor profile enabled on Natty, Flash and Google Talk can't access the webcam. If I put Firefox in complain mode, it works but I get this kind of message:

[ 1856.852807] type=1400 audit(1317154329.250:137): apparmor="DENIED" operation="open" parent=4390 profile="/usr/lib/firefox-6.0.2/firefox{,*[^s][^h]}" name="/dev/video0" pid=4447 comm="npviewer.bin" requested_mask="rw" denied_mask="rw" fsuid=1026 ouid=0

Best regards

Guillaume

Tags: apparmor
Jamie Strandboge (jdstrand)
Changed in apparmor (Ubuntu):
status: New → Triaged
tags: added: apparmor
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for using and reporting a bug. As a workaround, you can add the following to /etc/apparmor.d/local/usr.bin.firefox:
  /dev/video0 rw,

Then do:
$ sudo apparmor_parser -r /etc/apparmor.d/usr.bin.firefox

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

I don't think this should be allowed by default, but do think it could be part of a googletalk profile or flash profile. User's who require this for now should add the access to /etc/apparmor.d/local/usr.bin.firefox. A future update may provide an easier method to enable this, or even a commented out entry.

affects: apparmor (Ubuntu) → firefox (Ubuntu)
Changed in firefox (Ubuntu):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.