On 2017-01-31 05:46 PM, Jean-Philippe Guérard wrote: > I was able to reproduce the problem, but only using the flash plugin: > > Jan 31 23:38:34 tigreraye kernel: [221147.141240] audit: type=1400 > audit(1485902314.881:3406): apparmor="DENIED" operation="mknod" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/dev/shm/org.chromium.CvbXEt" pid=11592 comm="plugin-containe" > requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 > Jan 31 23:38:34 tigreraye kernel: [221147.141263] audit: type=1400 > audit(1485902314.881:3407): apparmor="DENIED" operation="mknod" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/dev/shm/org.chromium.5Am9iK" pid=11592 comm="plugin-containe" > requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Good, thanks for the additional information. > I also tried the java plugin, but it does not use /dev/shm (it fails, > but for another reason): > > Jan 31 23:43:49 tigreraye kernel: [221461.300441] audit: type=1400 > audit(1485902629.062:6116995): apparmor="DENIED" operation="exec" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/usr/lib/jvm/java-8-oracle/jre/bin/java" pid=11779 > comm="plugin-containe" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 > Jan 31 23:43:49 tigreraye kernel: [221461.301683] audit: type=1400 > audit(1485902629.062:6116996): apparmor="DENIED" operation="exec" > profile="/usr/lib/firefox/firefox{,*[^s][^h]}" > name="/usr/lib/jvm/java-8-oracle/jre/bin/java" pid=11780 > comm="plugin-containe" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 Yeah, it seems like the Oracle version of the JRE/JDK isn't authorized in /etc/apparmor.d/abstractions/ubuntu-browsers.d/java. Even OpenJDK/JRE 8 isn't authorized. Both should be supported IMHO. Thanks, Simon -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1495248 Title: usr.bin.firefox blocks /dev/shm Status in firefox package in Ubuntu: Confirmed Bug description: When apparmor is activated for Firefox, I get the following log messages: [28547.841769] audit: type=1400 audit(1442154214.608:109): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/shmfd-mSnoHU" pid=7425 comm ="firefox" requested_mask="c" denied_mask="c" fsuid=1111 ouid=1111 Both /run/shm/shmfd-* and /var/run/shm/shmfd-* are allowed, but not /dev/shm/shmfd-*. Changing : owner /{,var/}run/shm/shmfd-* rw, To: owner /{dev,{,var/}run}/shm/shmfd-* rw, seems to fix the issue. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1495248/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp