Ubuntu
media-hub package

more apparmor warnings

Bug #1356883 reported by Jani Monoses
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
media-hub (Ubuntu)
Fix Released
Medium
Jamie Strandboge
media-hub (Ubuntu RTM)
Fix Released
Undecided
Unassigned
mediascanner2 (Ubuntu)
Fix Released
Medium
Jamie Strandboge

Bug Description

I see these with image 188 on a non-Nexus4 phone.

Jan 1 01:01:09 ubuntu-phablet kernel: [ 21.553068] (3)[2083:gst-plugin-scan]type=1400 audit(1388538069.315:106): apparmor="DENIED" operation="open" profile="/usr/bin/mediascanner-service-2.0" name="/etc/udev/udev.conf" pid=2083 comm="gst-plugin-scan" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0

Jan 1 01:01:14 ubuntu-phablet kernel: [ 26.660993] (1)[3147:gst-plugin-scan]type=1400 audit(1388538074.425:107): apparmor="DENIED" operation="open" profile="/usr/bin/media-hub-server" name="/etc/udev/udev.conf" pid=3147 comm="gst-plugin-scan" requested_mask="r" denied_mask="r" fsuid=32011 ouid=0

Related branches

lp:~jdstrand/mediascanner2/1356883
James Henstridge: Approve
PS Jenkins bot (community): Approve (continuous-integration)
Diff: 12 lines (+2/-0)
1 file modified
debian/usr.bin.mediascanner-service-2.0 (+2/-0)
lp:~jdstrand/media-hub/1356883
Jim Hodapp (community): Approve
PS Jenkins bot: Approve (continuous-integration)
Diff: 31 lines (+8/-0)
1 file modified
debian/usr.bin.media-hub-server (+8/-0)
lp:ubuntu/utopic-proposed/mediascanner2
Jani Monoses (jani)
Changed in mediascanner (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This is probably a noisy denial. Was there any loss of functionality with this?

Revision history for this message
Jani Monoses (jani) wrote :

I don't know if functionality is affected, as video thumbnails do not show up in the video scope.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Can you adjust /etc/apparmor.d/usr.bin.mediascanner-service-2.0 to have (before the final '}'):
  /etc/udev/udev.conf r,

Then do:
$ sudo apparmor_parser -r /etc/apparmor.d/usr.bin.mediascanner-service-2.0 and try again (this allows the access).

Revision history for this message
Jani Monoses (jani) wrote :

With that change the errors no longer appear.

Jamie Strandboge (jdstrand)
tags: added: application-confinement
Jamie Strandboge (jdstrand)
Changed in media-hub (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in mediascanner (Ubuntu):
status: New → In Progress
Changed in media-hub (Ubuntu):
status: New → In Progress
importance: Undecided → Medium
Changed in mediascanner (Ubuntu):
importance: Undecided → Medium
Jamie Strandboge (jdstrand)
Changed in mediascanner2 (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Medium
status: New → In Progress
no longer affects: mediascanner (Ubuntu)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediascanner2 - 0.104+14.10.20140825-0ubuntu1

---------------
mediascanner2 (0.104+14.10.20140825-0ubuntu1) utopic; urgency=medium

  [ James Henstridge ]
  * Add support for custom sort orders in query(), queryAlbums() and
    queryArtists() methods. This breaks the ABI, so bump soname.
  * Update AppArmor policy to allow read access to
    /sys/devices/**/video4linux/video** (LP: #1353139)

  [ Ubuntu daily release ]
  * debian/libmediascanner-2.0-2.symbols: auto-update to released
    version

  [ Jussi Pakkanen ]
  * Fix inotify usage.
  * Store information on files that break GStreamer and skip them when
    encountered.
  * Don't call closedir with a null argument.
  * Add database integrity constraints.

  [ Jamie Strandboge ]
  * allow read access to /etc/udev/udev.conf for gstreamer (LP:
    #1356883) (LP: #1356883)
 -- Ubuntu daily release <email address hidden> Mon, 25 Aug 2014 12:52:17 +0000

Changed in mediascanner2 (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package media-hub - 2.0.0+14.10.20141015-0ubuntu1

---------------
media-hub (2.0.0+14.10.20141015-0ubuntu1) 14.09; urgency=low

  [ Jamie Strandboge ]
  * debian/usr.bin.media-hub-server: update for recent denials: allow
    read access to /etc/udev/udev.conf (LP: #1356883). add video
    abstraction. silence access to /run/udev/data/** like we do
    elsewhere. allow read on /dev/video*. allow read on
    /sys/devices/**/video4linux/video**. allow read on
    /sys/devices/**/video4linux/**/uevent (LP: #1356883)
  * debian/usr.bin.media-hub-server: allow reads on custom sounds (LP:
    #1377966) (LP: #1377966)

media-hub (2.0.0+14.10.20141014-0ubuntu1) utopic; urgency=low

  [ thomas-voss ]
  * Only expose the service as MPRIS instance if explicitly requested
    via env variable. (LP: #1381069)

media-hub (2.0.0+14.10.20141010-0ubuntu1) utopic; urgency=low

  [ Alberto Aguirre ]
  * Fix potential access to dead objects. (LP: #1364483)
 -- Ubuntu daily release <email address hidden> Wed, 15 Oct 2014 17:45:58 +0000

Changed in media-hub (Ubuntu RTM):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package media-hub - 2.0.0+14.10.20141015.1-0ubuntu1

---------------
media-hub (2.0.0+14.10.20141015.1-0ubuntu1) 14.09; urgency=low

  [ Ubuntu daily release ]
  * New rebuild forced

  [ Ricardo Mendoza ]
  * Make use of MediaRecorderObserver interface from hybris to register
    as listeners for recording operations, so that we can then decide
    whether to hold a screen lock or not. (LP: #1362658)
 -- Ubuntu daily release <email address hidden> Wed, 15 Oct 2014 21:15:45 +0000

Changed in media-hub (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.