Comment 0 for bug 1761585

This was spotted by jdstrand when running the chromium snap, which recently enabled ibus support (https://forum.snapcraft.io/t/cant-use-input-method-in-snap-apps/4712/12):

audit[16919]: AVC apparmor="DENIED" operation="chmod" profile="snap.chromium.chromium" name="/home/osomon/.config/ibus/bus/" pid=16919 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000

The code that calls chmod is in ibus_bus_init:

  static void
  ibus_bus_init (IBusBus *bus)
  {
    gchar *path;
    […]
    path = g_path_get_dirname (ibus_get_socket_path ());
    g_mkdir_with_parents (path, 0700);
    g_chmod (path, 0700);
    […]
  }

This could be avoided by checking first the file mode bits on that directory, and do the g_chmod call only if ≠ 0700.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: ibus 1.5.17-3ubuntu1
ProcVersionSignature: Ubuntu 4.15.0-13.14-generic 4.15.10
Uname: Linux 4.15.0-13-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.9-0ubuntu2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Apr 5 21:55:30 2018
EcryptfsInUse: Yes
InstallationDate: Installed on 2016-07-02 (642 days ago)
InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
SourcePackage: ibus
UpgradeStatus: Upgraded to bionic on 2018-01-29 (66 days ago)