On Thu 30 Nov 2017 at 11:57:41 +0100, solitone wrote: > On 30/11/17 08:48, Alexander V. Makartsev wrote: > > I had this problem too, and yes AppArmor is the reason. > > Yes, I had a look at logs and I can confirm that apparmor is indeed the > culprit: > > ----------------------------------------------------------------------- > ~$ sudo journalctl -kaf --no-hostname | grep thunderbird > Nov 30 11:15:03 kernel: audit: type=1400 audit(1512036903.046:65): > apparmor="DENIED" operation="file_mmap" profile="thunderbird//lsb_release" > name="/usr/bin/python3.5" pid=27432 comm="lsb_release" requested_mask="m" > denied_mask="m" fsuid=1000 ouid=0 > Nov 30 11:15:15 kernel: audit: type=1400 audit(1512036915.636:66): > apparmor="DENIED" operation="exec" profile="thunderbird" > name="/usr/bin/chromium" pid=27508 comm="thunderbird" requested_mask="x" > denied_mask="x" fsuid=1000 ouid=0 > ----------------------------------------------------------------------- > > It's a known bug, which is marked as solved since it has been solved in the > latest version of thunderbird (1:52.4.0-2~exp1): > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855346#135 > > My question is--when will be this version come to stable? At the moment we > have 1:52.4.0-1~deb9u1:
https://lists.debian.org/debian-devel/2017/08/msg00090.html > tl;dr: I hereby propose we enable AppArmor by default in testing/sid, > and decide one year later if we want to keep it this way in the > Buster release. -- Brian.
