Additional information:
premise:
p1) I made a test changing the owner and group of the /tmp/at-spi2/ folder with
the user logged-in solve the problem. Maybe it was granted, but it tried anyway
p2) Evince seem to work fine, I never detected problems reading pdf file during
normal work. This error does not seem to affect the entire program operation.
Based on of my knowledge I have tried to verify the requirements requested by
Jamie Strandboge:
a1) the environment and /tmp/at-spi2/:
considering what I have discovered a way to change the environment connected to
the '/tmp/at-spi2/' is to define XDG_RUNTIME_DIR, but this variable is not
defined, the command env|grep XDG produce:
XDG_SESSION_COOKIE=023e99a7ae9aa1d1d49fde2300000008-1393614529.236409-511883369
XDG_CONFIG_DIRS=/etc/xdg/xdg-gnome-shell:/etc/xdg
XDG_DATA_DIRS=/usr/share/gnome-shell:/usr/share/gnome:/usr/local/share/:/usr/share/
XDG_CURRENT_DESKTOP=GNOME
This is certainly not exhaustive but that's what I was able to discover about
this
a2) why is evince trying to chmod it?
I don't know the internal reasons of evince but this operation is always done
even when it is launched from the command without opening a pdf file directly.
I made an strace of evince launch from commnad line, a simple evince, and these
are the interesting lines:
...
recvmsg(11, 0x7fff3dbbb490, MSG_CMSG_CLOEXEC) = -1 EAGAIN (Resource
temporarily unavailable)
eventfd2(0, O_NONBLOCK|O_CLOEXEC) = 12
write(12, "\1\0\0\0\0\0\0\0", 8) = 8
fstat(11, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
fcntl(11, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK)
write(4, "\1\0\0\0\0\0\0\0", 8) = 8
brk(0x7f6836ff0000) = 0x7f6836ff0000
brk(0x7f6836fef000) = 0x7f6836fef000
sendmsg(11, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\1\1Y\0\0\0\2\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/fre"...,
144}, {"T\0\0\0type='signal', interface='or"..., 89}], msg_controllen=0,
msg_flags=0}, MSG_NOSIGNAL) = 233
sendmsg(11, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\1\1d\0\0\0\3\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/fre"...,
144}, {"_\0\0\0type='signal', interface='or"..., 100}], msg_controllen=0,
msg_flags=0}, MSG_NOSIGNAL) = 244
sendmsg(11, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\0\0010\0\0\0\4\0\0\0\202\0\0\0\1\1o\0\37\0\0\0/org/a11"...,
152}, {"\5\0\0\0:1.38\0\0\0\37\0\0\0/org/a11y/atspi/"..., 48}],
msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 200
* mkdir("/tmp/at-spi2/", 01777) = -1 EEXIST (File exists)
* chmod("/tmp/at-spi2/", 01777) = -1 EACCES (Permission denied)
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 13
* stat("/tmp/at-spi2/socket-4587-1804289383", 0x7fff3dbbb550) = -1 ENOENT (No
such file or directory)
setsockopt(13, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
* bind(13, {sa_family=AF_FILE, path="/tmp/at-spi2/socket-4587-1804289383"}, 37)
= 0
listen(13, 30) = 0
fcntl(13, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(13, F_SETFL, O_RDWR|O_NONBLOCK) = 0
* chmod("/tmp/at-spi2/socket-4587-1804289383", 0777) = 0
open("/dev/urandom", O_RDONLY) = 14
read(14, "\320\262\323\266\243\246\206\214\331G\v\330", 12) = 12
close(14) = 0
fstat(13, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
fcntl(13, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK)
write(4, "\1\0\0\0\0\0\0\0", 8) = 8
openat(AT_FDCWD, "/usr/lib/evince/4/backends",
O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 14
getdents(14, /* 14 entries */, 32768) = 584
open("/usr/lib/evince/4/backends/dvidocument.evince-backend", O_RDONLY) = 15
...
only five lines marked with '*' contain a reference to /tmp/at-spi2
folder
That's all for now.
No one else who follows this bug has been dealing with a similar
problem?
Many thanks to all !!!
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1279272
Title:
apparmor denies evince a chmod operation
Status in “evince” package in Ubuntu:
Incomplete
Bug description:
Hi,
Recently I have enable Apparmor notify to desktop and when a pdf is open by
evice a message appear.
Not sure how it happens but since I enabled the apparmor notify to desktop I
realized that an error is raised.
This appens for any pdf document is open.
A chmod operation is denied on a /tmp sub-folder
Any error is in this form:
[ 5148.214512] type=1400 audit(1392198051.114:66): apparmor="DENIED"
operation="chmod" parent=1 profile="/usr/bin/evince" name="/tmp/at-
spi2/" pid=6922 comm="evince" requested_mask="w" denied_mask="w"
fsuid=1000 ouid=118
I do not know if this error can be the source of a malfunction of the
program, which is why I reported the problem.
My system is Ubuntu 12.04 LTS (updated to last available packages):
lsb_release -rd:
Description: Ubuntu 12.04.4 LTS
Release: 12.04
uname -a:
Linux ...... 3.2.0-58-generic #88-Ubuntu SMP Tue Dec 3 17:37:58 UTC 2013
x86_64 x86_64 x86_64 GNU/Linux
and evince is the standard package
dpkg -l|grep evince:
ii evince 3.4.0-0ubuntu1.7
Document (PostScript, PDF) viewer
ii evince-common 3.4.0-0ubuntu1.7
Document (PostScript, PDF) viewer - common files
ii libevince3-3 3.4.0-0ubuntu1.7
Document (PostScript, PDF) rendering library
as apparmor
dpkg -l|grep apparmor:
ii apparmor 2.7.102-0ubuntu3.9
User-space parser utility for AppArmor
ii apparmor-notify 2.7.102-0ubuntu3.9
AppArmor notification system
ii apparmor-profiles 2.7.102-0ubuntu3.9
Profiles for AppArmor Security policies
ii apparmor-utils 2.7.102-0ubuntu3.9
Utilities for controlling AppArmor
ii dh-apparmor 2.7.102-0ubuntu3.9
AppArmor debhelper routines
ii libapparmor-perl 2.7.102-0ubuntu3.9
AppArmor library Perl bindings
ii libapparmor1 2.7.102-0ubuntu3.9
changehat AppArmor library
Thanks
Enrico
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1279272/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
