[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
I fixed this upstream: http://bazaar.launchpad.net/~lightdm-
team/lightdm/trunk/revision/1487
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
In Progress
Status in “lightdm” source package in Precise:
In Progress
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
** Branch linked: lp:~ubuntu-desktop/lightdm/ubuntu
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
In Progress
Status in “lightdm” source package in Precise:
In Progress
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
This bug was fixed in the package lightdm - 1.2.0-0ubuntu2
---
lightdm (1.2.0-0ubuntu2) precise; urgency=low
* Fix wrapper path in AppArmor profile. This got broken in 1.1.1. Patch also
committed upstream, and cherry-picked (r1487) (LP: #975901)
-- Martin Pitt martin.p...@ubuntu.com Tue, 10 Apr 2012 11:06:03 +0200
** Changed in: lightdm (Ubuntu Precise)
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
Fix Released
Status in “lightdm” source package in Precise:
Fix Released
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
** Changed in: lightdm (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
New
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper sounds like a
recent packaging error. When I wrote the policy the path definitively
was /usr/lib/lightdm/lightdm-guest-session-wrapper. Robert, is that new
path intended? It looks a bit exaggerated.
** Also affects: lightdm (Ubuntu Precise)
Importance: High
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
New
Status in “lightdm” source package in Precise:
New
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
** Changed in: lightdm (Ubuntu Precise)
Milestone: None = ubuntu-12.04
** Tags added: regression-release
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
New
Status in “lightdm” source package in Precise:
New
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
** Changed in: lightdm (Ubuntu Precise)
Assignee: (unassigned) = Martin Pitt (pitti)
** Changed in: lightdm (Ubuntu Precise)
Status: New = In Progress
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
In Progress
Status in “lightdm” source package in Precise:
In Progress
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 975901] Re: guest session is not confined by apparmor
** Visibility changed to: Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
New
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
/usr/lib/lightdm/lightdm-guest-session-wrapper {
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
