The fix from Olivier has been commited upstream, that's probably worth
backporting to bionic (note that there is already an ibus update in the
unapproved queue so a new upload needs to be based on that version)

** Also affects: ibus via
   Importance: Unknown
       Status: Unknown

** Changed in: ibus (Ubuntu)
   Importance: Undecided => Low

** Changed in: ibus (Ubuntu)
       Status: New => In Progress

** Changed in: ibus (Ubuntu)
     Assignee: (unassigned) => Olivier Tilloy (osomon)

You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ibus in Ubuntu.

  ibus_bus_init does an unconditional call to chmod on

Status in ibus:
Status in ibus package in Ubuntu:
  In Progress

Bug description:
  This was spotted by jdstrand when running the chromium snap, which
  recently enabled ibus support (

  audit[16919]: AVC apparmor="DENIED" operation="chmod"
  profile="snap.chromium.chromium" name="/home/osomon/.config/ibus/bus/"
  pid=16919 comm="chromium-browse" requested_mask="w" denied_mask="w"
  fsuid=1000 ouid=1000

  The code that calls chmod is in ibus_bus_init:

    static void
    ibus_bus_init (IBusBus *bus)
      gchar *path;
      path = g_path_get_dirname (ibus_get_socket_path ());
      g_mkdir_with_parents (path, 0700);
      g_chmod (path, 0700);

  This could be avoided by checking first the file mode bits on that
  directory, and do the g_chmod call only if ≠ 0700.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: ibus 1.5.17-3ubuntu1
  ProcVersionSignature: Ubuntu 4.15.0-13.14-generic 4.15.10
  Uname: Linux 4.15.0-13-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.9-0ubuntu2
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Thu Apr  5 21:55:30 2018
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2016-07-02 (642 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 
  SourcePackage: ibus
  UpgradeStatus: Upgraded to bionic on 2018-01-29 (66 days ago)

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to