[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
for firefox 107.0.1 in linux mint 20.3 based on Ubuntu 20.04, when task
manager is opened, this rule is needed:
owner @{PROC}/[0-9]*/task/[0-9]*/comm r,
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
Confirmed
Status in firefox package in Ubuntu:
Fix Released
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
comm="firefox" requested_mask="wrc" denied_mask="wrc"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
Linux Mint 20.1 Ulyssa Firefox 89.0 after update, i got ff 89, i have messages like this in syslog, on every start of firefox: Jun 20 15:24:23 dinar-Lenovo-G580 wpa_supplicant[680]: wlp2s0: CTRL-EVENT-SIGNAL-CHANGE above=0 signal=-80 noise=-95 txrate=43300 Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22164.956789] audit: type=1400 audit(1624191921.071:165): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci:00/:00:1f.2/resource" pid=15814 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22164.956816] firefox[15814]: segfault at 0 ip 7ff585b5ad94 sp 7ffceca77710 error 6 in libxul.so[7ff582318000+5392000] Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22164.956822] Code: 00 e8 28 69 7c fc 50 80 3d f8 0b 4e 04 00 74 02 58 c3 c6 05 ed 0b 4e 04 01 48 8d 05 29 15 fc 02 48 8b 0d 47 36 3c 04 48 89 01 04 25 00 00 00 00 8b 01 00 00 e8 f4 68 7c fc 66 2e 0f 1f 84 00 Jun 20 15:25:21 dinar-Lenovo-G580 systemd[1]: Started Process Core Dump (PID 15815/UID 0). Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22164.998424] audit: type=1400 audit(1624191921.111:166): apparmor="DENIED" operation="open" profile="firefox" name="/run/user/1000/ICEauthority" pid=15809 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Jun 20 15:25:21 dinar-Lenovo-G580 systemd-coredump[15816]: Process 15814 (firefox) of user 1000 dumped core.#012#012Stack trace of thread 15814:#012#0 0x7ff585b5ad94 n/a (libxul.so + 0x4185d94)#012#1 0x7ff58ca19a27 __run_exit_handlers (libc.so.6 + 0x49a27)#012#2 0x7ff58ca19be0 __GI_exit (libc.so.6 + 0x49be0)#012#3 0x7ff5816f6c45 n/a (libpci.so.3 + 0x3c45)#012#4 0x7ff5816fc308 n/a (libpci.so.3 + 0x9308)#012#5 0x7ff585b64054 n/a (libxul.so + 0x418f054)#012#6 0x7ff585b649db n/a (libxul.so + 0x418f9db)#012#7 0x7ff585b5a13e n/a (libxul.so + 0x418513e)#012#8 0x7ff585b60ae3 n/a (libxul.so + 0x418bae3)#012#9 0x7ff585b60ee0 n/a (libxul.so + 0x418bee0)#012#10 0x556820bc9113 n/a (firefox + 0xc113)#012#11 0x7ff58c9f70b3 __libc_start_main (libc.so.6 + 0x270b3)#012#12 0x556820bc8b6e _start (firefox + 0xbb6e) Jun 20 15:25:21 dinar-Lenovo-G580 systemd[1]: systemd-coredump@8-15815-0.service: Succeeded. Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22165.724715] audit: type=1400 audit(1624191921.839:167): apparmor="DENIED" operation="open" profile="firefox" name="/proc/15809/cgroup" pid=15809 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22165.862576] audit: type=1107 audit(1624191921.975:168): pid=657 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/RealtimeKit1" interface="org.freedesktop.DBus.Properties" member="Get" mask="send" name="org.freedesktop.RealtimeKit1" pid=15895 label="firefox" peer_pid=978 peer_label="unconfined" Jun 20 15:25:21 dinar-Lenovo-G580 kernel: [22165.862576] exe="/usr/bin/dbus-daemon" sauid=103 hostname=? addr=? terminal=?' Jun 20 15:25:22 dinar-Lenovo-G580 kernel: [22166.090862] audit: type=1107 audit(1624191922.207:169): pid=657 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/RealtimeKit1" interface="org.freedesktop.DBus.Properties" member="Get" mask="send" name="org.freedesktop.RealtimeKit1" pid=15809 label="firefox" peer_pid=978 peer_label="unconfined" Jun 20 15:25:22 dinar-Lenovo-G580 kernel: [22166.090862] exe="/usr/bin/dbus-daemon" sauid=103 hostname=? addr=? terminal=?' Jun 20 15:25:22 dinar-Lenovo-G580 kernel: [22166.676720] audit: type=1107 audit(1624191922.791:170): pid=657 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/RealtimeKit1" interface="org.freedesktop.DBus.Properties" member="Get" mask="send" name="org.freedesktop.RealtimeKit1" pid=15973 label="firefox" peer_pid=978 peer_label="unconfined" Jun 20 15:25:22 dinar-Lenovo-G580 kernel: [22166.676720] exe="/usr/bin/dbus-daemon" sauid=103 hostname=? addr=? terminal=?' Jun 20 15:25:23 dinar-Lenovo-G580 kernel: [22167.484270] audit: type=1107 audit(1624191923.599:171): pid=657 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/RealtimeKit1" interface="org.freedesktop.DBus.Properties" member="Get" mask="send" name="org.freedesktop.RealtimeKit1" pid=16038 label="firefox" peer_pid=978 peer_label="unconfined" Jun 20 15:25:23 dinar-Lenovo-G580 kernel: [22167.484270] exe="/usr/bin/dbus-daemon" sauid=103 hostname=? addr=? terminal=?' Jun 20 15:25:25 dinar-Lenovo-G580 kernel: [22169.310779] audit: type=1107 audit(1624191925.427:172): pid=657 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
messages, while starting firefox, after updating ubuntu to 20.10:
Jan 11 23:26:48 dinar-comp kernel: [ 181.634648] audit: type=1400
audit(1610396808.475:44): apparmor="DENIED" operation="open" profile="firefox"
name="/proc/2003/cgroup" pid=2003 comm="firefox" requested_mask="r"
denied_mask="r" fsuid=1000 ouid=1000
Jan 11 23:26:48 dinar-comp kernel: [ 181.989310] audit: type=1400
audit(1610396808.831:45): apparmor="DENIED" operation="connect"
profile="firefox" name="/tmp/.X11-unix/X0" pid=2207 comm="MainThread"
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
i added these rules:
@{PROC}/[0-9]*/cgroup r,
/tmp/.X11-unix/X0 w,
then, after enabling them and ff restart:
Jan 11 23:45:25 dinar-comp kernel: [ 1298.595946] audit: type=1400
audit(1610397925.435:79): apparmor="DENIED" operation="open"
profile="firefox" name="/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us"
pid=2437 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=0
i added this rule:
/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us r,
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
Fix Released
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
[Touch-packages] [Bug 1004829] Re: [GA-MA74GMT-S2, Realtek ALC887-VD, Pink Mic, Front] No sound at all
mic connected to front is not working with this motherboard in ubuntu 20.04. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1004829 Title: [GA-MA74GMT-S2, Realtek ALC887-VD, Pink Mic, Front] No sound at all Status in alsa-driver package in Ubuntu: Expired Bug description: Mic doesn't work on Ubuntu 12.04 ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: alsa-base 1.0.25+dfsg-0ubuntu1 ProcVersionSignature: Ubuntu 3.2.0-24.39-generic 3.2.16 Uname: Linux 3.2.0-24-generic x86_64 NonfreeKernelModules: nvidia AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. ApportVersion: 2.0.1-0ubuntu7 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: srinivas 2967 F pulseaudio /dev/snd/controlC0: srinivas 2967 F pulseaudio Card0.Amixer.info: Card hw:0 'SB'/'HDA ATI SB at 0xfe024000 irq 16' Mixer name : 'Realtek ALC887-VD' Components : 'HDA:10ec0887,1458a002,00100302' Controls : 42 Simple ctrls : 21 Card1.Amixer.info: Card hw:1 'NVidia'/'HDA NVidia at 0xfcffc000 irq 19' Mixer name : 'Nvidia GPU 0b HDMI/DP' Components : 'HDA:10de000b,10de0101,00100200' Controls : 24 Simple ctrls : 4 Date: Sat May 26 14:20:32 2012 InstallationMedia: Ubuntu-Server 11.10 "Oneiric Ocelot" - Release amd64 (20111011) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaRecordingTest: ALSA recording test through plughw:SB failed Symptom_Card: Built-in Audio - HDA ATI SB Symptom_DevicesInUse: 2967 2967 srinivas F pulseaudio /dev/snd/controlC0: srinivas F pulseaudio Symptom_Jack: Pink Mic, Front Symptom_Type: No sound at all Title: [GA-MA74GMT-S2, Realtek ALC887-VD, Pink Mic, Front] No sound at all UpgradeStatus: Upgraded to precise on 2012-04-27 (29 days ago) dmi.bios.date: 08/31/2010 dmi.bios.vendor: Award Software International, Inc. dmi.bios.version: F10 dmi.board.name: GA-MA74GMT-S2 dmi.board.vendor: Gigabyte Technology Co., Ltd. dmi.chassis.type: 3 dmi.chassis.vendor: Gigabyte Technology Co., Ltd. dmi.modalias: dmi:bvnAwardSoftwareInternational,Inc.:bvrF10:bd08/31/2010:svnGigabyteTechnologyCo.,Ltd.:pnGA-MA74GMT-S2:pvr:rvnGigabyteTechnologyCo.,Ltd.:rnGA-MA74GMT-S2:rvr:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvr: dmi.product.name: GA-MA74GMT-S2 dmi.sys.vendor: Gigabyte Technology Co., Ltd. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1004829/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1004829] Re: [GA-MA74GMT-S2, Realtek ALC887-VD, Pink Mic, Front] No sound at all
i think i should say: does not work. i cannot test that computer now. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1004829 Title: [GA-MA74GMT-S2, Realtek ALC887-VD, Pink Mic, Front] No sound at all Status in alsa-driver package in Ubuntu: Expired Bug description: Mic doesn't work on Ubuntu 12.04 ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: alsa-base 1.0.25+dfsg-0ubuntu1 ProcVersionSignature: Ubuntu 3.2.0-24.39-generic 3.2.16 Uname: Linux 3.2.0-24-generic x86_64 NonfreeKernelModules: nvidia AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. ApportVersion: 2.0.1-0ubuntu7 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: srinivas 2967 F pulseaudio /dev/snd/controlC0: srinivas 2967 F pulseaudio Card0.Amixer.info: Card hw:0 'SB'/'HDA ATI SB at 0xfe024000 irq 16' Mixer name : 'Realtek ALC887-VD' Components : 'HDA:10ec0887,1458a002,00100302' Controls : 42 Simple ctrls : 21 Card1.Amixer.info: Card hw:1 'NVidia'/'HDA NVidia at 0xfcffc000 irq 19' Mixer name : 'Nvidia GPU 0b HDMI/DP' Components : 'HDA:10de000b,10de0101,00100200' Controls : 24 Simple ctrls : 4 Date: Sat May 26 14:20:32 2012 InstallationMedia: Ubuntu-Server 11.10 "Oneiric Ocelot" - Release amd64 (20111011) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaRecordingTest: ALSA recording test through plughw:SB failed Symptom_Card: Built-in Audio - HDA ATI SB Symptom_DevicesInUse: 2967 2967 srinivas F pulseaudio /dev/snd/controlC0: srinivas F pulseaudio Symptom_Jack: Pink Mic, Front Symptom_Type: No sound at all Title: [GA-MA74GMT-S2, Realtek ALC887-VD, Pink Mic, Front] No sound at all UpgradeStatus: Upgraded to precise on 2012-04-27 (29 days ago) dmi.bios.date: 08/31/2010 dmi.bios.vendor: Award Software International, Inc. dmi.bios.version: F10 dmi.board.name: GA-MA74GMT-S2 dmi.board.vendor: Gigabyte Technology Co., Ltd. dmi.chassis.type: 3 dmi.chassis.vendor: Gigabyte Technology Co., Ltd. dmi.modalias: dmi:bvnAwardSoftwareInternational,Inc.:bvrF10:bd08/31/2010:svnGigabyteTechnologyCo.,Ltd.:pnGA-MA74GMT-S2:pvr:rvnGigabyteTechnologyCo.,Ltd.:rnGA-MA74GMT-S2:rvr:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvr: dmi.product.name: GA-MA74GMT-S2 dmi.sys.vendor: Gigabyte Technology Co., Ltd. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1004829/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
python message after update to ubuntu 20.04 :
May 29 08:54:00 dinar-comp kernel: [ 369.424679] audit: type=1400
audit(1590731640.601:54): apparmor="DENIED" operation="file_mmap" profile="fire
fox//lsb_release" name="/usr/bin/python3.8" pid=2939 comm="lsb_release"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
there are several places about python:
profile lsb_release {
...
#include
...
/usr/include/python2.[4567]/pyconfig.h r,
...
/usr/local/lib/python3.[0-6]/dist-packages/ r,
...
/usr/bin/python3.[0-7] mr,
...
}
i change this ones, this way:
/usr/local/lib/python3.[0-8]/dist-packages/ r,
/usr/bin/python3.[0-8] mr,
i look /etc/apparmor.d/abstractions/python and see that python versions
are already appreciated up to 3.9.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
Triaged
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
after update to 76.0.1, fontconfig messages started again to appear on every
page opening.
i added
deny @{HOME}/.{,cache/}fontconfig/** w,
to abstractions/fonts, reloaded profile, and that notifications stopped to
appear.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
Triaged
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i said on feb 4:
"dbus_method_call messages still appear in logs, while saving. i do not know
why they are not reported by aa-notify."
i made this report on apparmor site on march 7:
https://gitlab.com/apparmor/apparmor/-/issues/81
"aa-notify does not show messages about dbus"
** Bug watch added: gitlab.com/apparmor/apparmor/-/issues #81
https://gitlab.com/apparmor/apparmor/-/issues/81
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i changed /usr/bin/python3.[0-6] mr, to /usr/bin/python3.[0-7] mr, and
the python message disappeared while starting firefox.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
comm="firefox" requested_mask="wrc" denied_mask="wrc" fsuid=1000
ouid=1000
these appeared while
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
appeared when opening a file from a manually mounted partition:
May 6 14:59:12 dinar-comp kernel: [544099.237323] audit: type=1400
audit(1588766352.217:3081): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/run/user/1000/ICEauthority" pid=6886 comm="firefox" requested_mask="r"
denied_mask="r" fsuid=1000 ouid=1000
linux and firefox were upgraded, firefox profile file was changed, i copied new
changes to my file.
appeared when starting firefox after system upgrade and reboot:
except dbus messages:
May 9 15:00:47 dinar-comp kernel: [ 227.464788] audit: type=1400
audit(1589025647.896:44): apparmor="DENIED" operation="open" profile="firefox"
name="/run/user/1000/ICEauthority" pid=2086 comm="firefox" requested_mask="r"
denied_mask="r" fsuid=1000 ouid=1000
May 9 15:00:49 dinar-comp kernel: [ 229.423946] audit: type=1400
audit(1589025649.856:45): apparmor="DENIED" operation="file_mmap"
profile="firefox//lsb_release" name="/usr/bin/python3.7" pid=2115
comm="lsb_release" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
i have a local file pinned, and tabs are restored after restart, the
"/run/user/1000/ICEauthority" may be because of it. (as in the may 6
message above).
appear when pressing ctrl+o:
May 9 15:23:33 dinar-comp kernel: [ 1592.754371] audit: type=1400
audit(1589027013.231:63): apparmor="DENIED" operation="open" profile="firefox"
name="/home/dinar/.xsession-errors" pid=2086 comm="pool-firefox"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
May 9 15:23:36 dinar-comp kernel: [ 1596.437062] audit: type=1400
audit(1589027016.916:65): apparmor="DENIED" operation="open" profile="firefox"
name="/run/mount/utab" pid=2086 comm="firefox" requested_mask="r"
denied_mask="r" fsuid=1000 ouid=0
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
appears when pressing ctrl+s:
Apr 17 17:13:48 dinar-comp kernel: [81128.012319] audit: type=1400
audit(1587132828.960:765): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/run/mount/utab" pid=4596
comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
to
"
i added w to
owner @{HOME}/.{,cache/}fontconfig/** mrl,
"
:
cboltz said in apparmor irc channel:
I'd recommend _not_ to allow writing to ~/.cache/fontconfig/ because apps could
in theory poison that cache
actually we recently (intentionally) removed write permissions in
abstractions/fonts
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
[Touch-packages] [Bug 1872983] [NEW] in netcat-openbsd manpage, port argument description is not good
Public bug reported: in netcat-openbsd manpage, port argument description is not good. it is this: "port can be a specified as a numeric port number, or as a service name. Ports may be specified in a range of the form nn-mm. In general, a destination port must be specified, unless the -U option is given." why this is not good: really, the port argument also is used as source port: while using "nc -l 1234". this "nc -l 1234" is an example from the manpage in "CLIENT/SERVER MODEL" section, which is immediately after the port argument description. and this command works correctly. (while connecting from other computer with nc IPaddressHere 1234, it works, and in that case i think it is destination port, and thus source port for the command on first laptop. it must be source port on first comp, because a process must listen on a specific source port, they do not usually listen on all ports, as i know from my experience... unless it is something like tcpdump, and such programs run with root permission, while netcat runs with non-root permission... and it is because processes should not access to listening ports of other processes... ) the text "In general, a destination port must be specified, unless the -U option is given." is not good, because it says "must" and says "in general", and it is hard to disambiguate this. it can be understood as "in general" refers to the all cases except the "unless the -U option is given". in that way of understanding, it means that if the -U option is not given, it must be source port only. but really it is not so. so, "in general" does not refer to the all cases except the "unless the -U option is given". it just means, that destination port is more usually used in this place. but this way of understanding is also hard to accept, because the usage, the intention of the extra word "must" becomes not understood. it is extra, because it can be said shorter: "a destination port is specified", or it can be said with less of the fierce: "a destination port should be specified". ** Affects: netcat-openbsd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to netcat-openbsd in Ubuntu. https://bugs.launchpad.net/bugs/1872983 Title: in netcat-openbsd manpage, port argument description is not good Status in netcat-openbsd package in Ubuntu: New Bug description: in netcat-openbsd manpage, port argument description is not good. it is this: "port can be a specified as a numeric port number, or as a service name. Ports may be specified in a range of the form nn-mm. In general, a destination port must be specified, unless the -U option is given." why this is not good: really, the port argument also is used as source port: while using "nc -l 1234". this "nc -l 1234" is an example from the manpage in "CLIENT/SERVER MODEL" section, which is immediately after the port argument description. and this command works correctly. (while connecting from other computer with nc IPaddressHere 1234, it works, and in that case i think it is destination port, and thus source port for the command on first laptop. it must be source port on first comp, because a process must listen on a specific source port, they do not usually listen on all ports, as i know from my experience... unless it is something like tcpdump, and such programs run with root permission, while netcat runs with non-root permission... and it is because processes should not access to listening ports of other processes... ) the text "In general, a destination port must be specified, unless the -U option is given." is not good, because it says "must" and says "in general", and it is hard to disambiguate this. it can be understood as "in general" refers to the all cases except the "unless the -U option is given". in that way of understanding, it means that if the -U option is not given, it must be source port only. but really it is not so. so, "in general" does not refer to the all cases except the "unless the -U option is given". it just means, that destination port is more usually used in this place. but this way of understanding is also hard to accept, because the usage, the intention of the extra word "must" becomes not understood. it is extra, because it can be said shorter: "a destination port is specified", or it can be said with less of the fierce: "a destination port should be specified". To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/netcat-openbsd/+bug/1872983/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
seems these are links to browse the profiles online:
https://bazaar.launchpad.net/~mozillateam/firefox/firefox.focal/view/head:/debian/usr.bin.firefox.apparmor.14.10
https://git.launchpad.net/apparmor/tree/profiles/apparmor.d/abstractions
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
what is ubuntu's policy for updating this profile? it looks like package
maintainers are not updating this profile on every package update. why?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
comm="firefox" requested_mask="wrc" denied_mask="wrc" fsuid=1000
ouid=1000
these
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i have reenabled the capability rules ans added these to them, also from
the chromium profile:
owner @{PROC}/@{pid}/setgroups w,
owner @{PROC}/@{pid}/uid_map w,
owner @{PROC}/@{pid}/gid_map w,
.
i have prepared dbus rules:
dbus send
bus=system
path=/org/freedesktop/RealtimeKit1
interface=org.freedesktop.DBus.Properties
member=Get
peer=(name=org.freedesktop.RealtimeKit1|label="/usr/lib/firefox/firefox{,*[^s][^h]}")
dbus send
bus=session
path=/org/gtk/vfs/Daemon
interface=org.gtk.vfs.Daemon
member=ListMonitorImplementations
peer=(name=":1.10" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )
dbus send
bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor"
member="IsSupported"
peer=(name=":1.35" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )
dbus send
bus="session"
path="/org/gtk/vfs/mounttracker"
interface="org.gtk.vfs.MountTracker"
member="ListMounts2"
peer=( name=":1.10" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )
dbus send
bus="session"
path="/org/gtk/vfs/mounttracker"
interface="org.gtk.vfs.MountTracker"
member="LookupMount"
peer=( name=":1.10" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )
dbus send
bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties"
member="GetAll"
peer=( name=":1.120" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )
dbus send
bus="session"
path="/ca/desrt/dconf/Writer/user"
interface="ca.desrt.dconf.Writer"
member="Change"
peer=( name="ca.desrt.dconf" | label="/usr/lib/firefox/firefox{,*[^s][^h]}"
)
dbus receive
bus="session"
path="/ca/desrt/dconf/Writer/user"
interface="ca.desrt.dconf.Writer"
member="Notify"
peer=( name=":1.21" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )
please somebody correct them and say to which file they should be added.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
message when switching to read mode:
Feb 26 13:13:13 dinar-HP-Pavilion-g7-Notebook-PC kernel: [64008.165294] audit:
type=1400 audit(1582711993.444:302): apparmor="DENIED" operation="exec"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/usr/bin/speech-dispatcher" pid=30443 comm=7370656563686420696E6974
requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
/ r,
/**/ r,
is not enough. because thumbnails are not shown. much better would be to use a
separate program as a helper application, while it can read all files but it is
very simple and can only open a file by gui mouse click, and cannot connect
internet.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
after firefox restart these appeared:
Feb 24 09:30:04 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 141.932834] audit:
type=1400 audit(1582525804.452:27): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/1888/uid_map"
pid=1888 comm=495043204C61756E6368202331 requested_mask="w" denied_mask="w"
fsuid=1000 ouid=1000
Feb 24 09:30:04 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 141.934780] IPC
Launch #1[1888]: segfault at 0 ip 7fa9fe84808c sp 7fa9f0efa780 error 6
in libxul.so[7fa9fdfac000+6f21000]
Feb 24 09:30:04 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 141.934798] Code:
75 12 89 e8 48 81 c4 10 02 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 f5 bb fc ff 48
8d 05 ae 89 85 04 48 8b 0d 57 75 c6 06 48 89 01 04 25 00 00 00 00 1e 02 00
00 e8 ac 4a fd ff 48 8d 05 e3 89 85
Feb 24 09:30:06 dinar-HP-Pavilion-g7-Notebook-PC wpa_supplicant[826]: wlo1:
CTRL-EVENT-SIGNAL-CHANGE above=0 signal=-85 noise=-95 txrate=14400
Feb 24 09:30:10 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 148.016837] audit:
type=1400 audit(1582525810.536:28): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/1926/uid_map"
pid=1926 comm=495043204C61756E6368202331 requested_mask="w" denied_mask="w"
fsuid=1000 ouid=1000
Feb 24 09:30:10 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 148.017346] IPC
Launch #1[1926]: segfault at 0 ip 7fa9fe84808c sp 7fa9eb29d780 error 6
in libxul.so[7fa9fdfac000+6f21000]
Feb 24 09:30:10 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 148.017359] Code:
75 12 89 e8 48 81 c4 10 02 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 f5 bb fc ff 48
8d 05 ae 89 85 04 48 8b 0d 57 75 c6 06 48 89 01 04 25 00 00 00 00 1e 02 00
00 e8 ac 4a fd ff 48 8d 05 e3 89 85
Feb 24 09:30:11 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 148.895517] IPC
Launch #1[1973]: segfault at 0 ip 7fa9fe84808c sp 7fa9ea5a2780 error 6
in libxul.so[7fa9fdfac000+6f21000]
Feb 24 09:30:11 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 148.895535] Code:
75 12 89 e8 48 81 c4 10 02 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 f5 bb fc ff 48
8d 05 ae 89 85 04 48 8b 0d 57 75 c6 06 48 89 01 04 25 00 00 00 00 1e 02 00
00 e8 ac 4a fd ff 48 8d 05 e3 89 85
Feb 24 09:30:11 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 148.895594] audit:
type=1400 audit(1582525811.416:29): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/1973/uid_map"
pid=1973 comm=495043204C61756E6368202331 requested_mask="w" denied_mask="w"
fsuid=1000 ouid=1000
Feb 24 09:30:12 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 150.432287] IPC
Launch #1[1991]: segfault at 0 ip 7fa9fe84808c sp 7fa9fba7f780 error 6
in libxul.so[7fa9fdfac000+6f21000]
Feb 24 09:30:12 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 150.432303] Code:
75 12 89 e8 48 81 c4 10 02 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 f5 bb fc ff 48
8d 05 ae 89 85 04 48 8b 0d 57 75 c6 06 48 89 01 04 25 00 00 00 00 1e 02 00
00 e8 ac 4a fd ff 48 8d 05 e3 89 85
Feb 24 09:30:12 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 150.432405] audit:
type=1400 audit(1582525812.952:30): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/1991/uid_map"
pid=1991 comm=495043204C61756E6368202331 requested_mask="w" denied_mask="w"
fsuid=1000 ouid=1000
Feb 24 09:30:14 dinar-HP-Pavilion-g7-Notebook-PC wpa_supplicant[826]: wlo1:
CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-75 noise=-95 txrate=13000
Feb 24 09:30:14 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 152.373278] IPC
Launch #1[2012]: segfault at 0 ip 7fa9fe84808c sp 7fa9f6fd9780 error 6
in libxul.so[7fa9fdfac000+6f21000]
Feb 24 09:30:14 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 152.373293] Code:
75 12 89 e8 48 81 c4 10 02 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 f5 bb fc ff 48
8d 05 ae 89 85 04 48 8b 0d 57 75 c6 06 48 89 01 04 25 00 00 00 00 1e 02 00
00 e8 ac 4a fd ff 48 8d 05 e3 89 85
Feb 24 09:30:14 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 152.373325] audit:
type=1400 audit(1582525814.892:31): apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/proc/2012/uid_map"
pid=2012 comm=495043204C61756E6368202331 requested_mask="w" denied_mask="w"
fsuid=1000 ouid=1000
and i have seen some suspicious things, for that i commented out those
capability rules.
also, there were problems, in addition to the new messages: firefox said
{ff has been updated, you must restart it} on every tab, if i open them,
and then after restarting, content of that tabs were lost. one of them
has put ubuntu.com at address bar, another become blank.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit,
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
also there are /sys/devices/system/cpu/ r,
/etc/firefox*/ r,
/etc/xulrunner-2.0*/ r,
/etc/gre.d/ r,
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
comm="firefox" requested_mask="wrc" denied_mask="wrc" fsuid=1000
ouid=1000
these appeared while saving a file:
Jan
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i have some questions and wishes about rules that are in the profile:
# so browsing directories works
/ r,
/**/ r,
what if comment these out and allow / and owner @{HOME}/** , instead of
these? does firefox need other directory listings? maybe i will try.
i see /usr/ r, /etc/ r, /opt/ r, @{PROC}/ r, /usr/bin/ r, are already
allowed, why are these used? i would like to see there comments, in the
profile.
# Default profile allows downloads to ~/Downloads and uploads from ~/Public
owner @{HOME}/ r,
owner @{HOME}/Public/ r,
owner @{HOME}/Public/* r,
owner @{HOME}/Downloads/ r,
owner @{HOME}/Downloads/* rw,
are not you going to put there all language variants?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i added these lines to ff profile:
#copied from abstractions/lightdm_chromium-browser
capability sys_admin, # for sandbox to change namespaces
capability sys_chroot, # fod sandbox to chroot to a safe directory
capability setgid, # for sandbox to drop privileges
capability setuid, # for sandbox to drop privileges
capability sys_ptrace, # chromium needs this to keep track of itself
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit:
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
>At the moment we recommend granting the capability in the profile and
letting firefox setup its sandbox.
why do not ubuntu developers add it? (before they make it other way.)
>Unfortunately this means you can't guarantee the rest of the program
isn't doing things it shouldn't.
what it can do using this capability, without using any other additional
apparmor allow rules? can you give any examples?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i asked about sys_admin capability and got some answers:
https://groups.google.com/forum/#!topic/mozilla.dev.platform/UK4nm7MtTxQ
(i wanted to ask in firefox-dev mailing list but the dev-platform list
was said about as more appropriate).
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i have added these lines:
in /etc/apparmor.d/abstractions/gnome :
@{HOME}/.local/share/gvfs-metadata/** r,
in /etc/apparmor.d/abstractions/xdg-desktop :
owner @{HOME}/.cache/mesa_shader_cache/** rw,
and messages (i use aa-notify) when saving disappeared.
dbus_method_call messages still appear in logs, while saving. i do not
know why they are not reported by aa-notify.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i think
Jan 30 11:08:28 dinar-HP-Pavilion-g7-Notebook-PC kernel: [ 464.049675]
audit: type=1400 audit(1580371708.871:38): apparmor="DENIED"
operation="open" profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.local/share/gvfs-metadata/home" pid=1584 comm="pool"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
message, which appear while saving files, was caused by my edition. i am
sorry.
i edited /etc/apparmor.d/abstractions/ubuntu-browsers.d/user-files
this way:
i commented out
@{HOME}/** r,
owner @{HOME}/** w,
and have added
@{HOME}/Общедоступные/** r,
owner @{HOME}/Загрузки/** rwk,
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i added w to
owner @{HOME}/.{,cache/}fontconfig/** mrl,
in /etc/apparmor.d/abstractions/fonts
and after profile replace, frequent messages stopped.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
comm="firefox" requested_mask="wrc" denied_mask="wrc" fsuid=1000
ouid=1000
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
i modified /etc/apparmor.d/abstractions/fonts by adding w to
owner @{HOME}/.{,cache/}fontconfig/ r,
and replaced ff apparmor profile with "sudo apparmor_parser -r -T -W
/etc/apparmor.d/usr.bin.firefox".
then i tried to open a page, and i got these:
Feb 3 21:26:26 dinar-Lenovo-G580 kernel: [14092.695137] audit:
type=1400 audit(1580754386.268:292): apparmor="DENIED" operation="mknod"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/fontconfig/CACHEDIR.TAG.TMP-ZjyBns" pid=8547
comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c"
fsuid=1000 ouid=1000
Feb 3 21:26:26 dinar-Lenovo-G580 kernel: [14092.695143] audit:
type=1400 audit(1580754386.268:293): apparmor="DENIED" operation="mknod"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/fontconfig/a41116dafaf8b233ac2c61cb73f2ea5f-
le64.cache-7.TMP-6nwuBp" pid=8547 comm=57656220436F6E74656E74
requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send"
[Touch-packages] [Bug 1861408] Re: firefox apparmor messages
** Package changed: firefox (Ubuntu) => apparmor (Ubuntu)
** Also affects: firefox (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1861408
Title:
firefox apparmor messages
Status in apparmor package in Ubuntu:
New
Status in firefox package in Ubuntu:
New
Bug description:
firefox version 72.0.1 64 bit, 72.0.1+linuxmint1+tricia , linux mint
19.3.
i see there is newer ubuntu version in
https://www.ubuntuupdates.org/package/ubuntu_mozilla_security/bionic/main/base/firefox
, 72.0.2+build1-0ubuntu0.18.04.1 , but its changes are not for
apparmor.
i have not found a page for firefox bugs in linux mint sites, so i
belive i should report here. but i have also asked about that in linux
mint's irc and then github.
i have enabled apparmor for firefox and see these types of messages in
syslog:
Jan 28 18:43:33 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.111' (uid=1000
pid=1922 comm="/usr/lib/firefox/firefox " label="unconfined")
Jan 28 18:44:36 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5525.077960] audit: type=1400 audit(1580226276.440:27):
apparmor="DENIED" operation="capable"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}" pid=15948
comm="firefox" capability=21 capname="sys_admin"
Jan 28 18:44:37 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5526.471731] audit: type=1107 audit(1580226277.832:28): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/RealtimeKit1"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.freedesktop.RealtimeKit1" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1320
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/Daemon" interface="org.gtk.vfs.Daemon"
member="ListMonitorImplementations" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/Private/RemoteVolumeMonitor"
interface="org.gtk.Private.RemoteVolumeMonitor" member="IsSupported"
mask="send" name=":1.35" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1385
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMounts2" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:47 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="LookupMount" mask="send" name=":1.10" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1262
peer_label="unconfined"
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[735]:
[system] Activating via systemd: service
name='org.freedesktop.hostname1' unit='dbus-
org.freedesktop.hostname1.service' requested by ':1.119' (uid=1000
pid=15948 comm="/usr/lib/firefox/firefox "
label="/usr/lib/firefox/firefox{,*[^s][^h]} (enforce)")
Jan 28 18:44:48 dinar-HP-Pavilion-g7-Notebook-PC kernel: [
5536.783313] audit: type=1107 audit(1580226288.143:34): pid=735
uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED"
operation="dbus_method_call" bus="system"
path="/org/freedesktop/hostname1"
interface="org.freedesktop.DBus.Properties" member="GetAll"
mask="send" name=":1.120" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=16177
peer_label="unconfined"
Jan 28 18:45:02 dinar-HP-Pavilion-g7-Notebook-PC dbus-daemon[1181]:
apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/ca/desrt/dconf/Writer/user" interface="ca.desrt.dconf.Writer"
member="Change" mask="send" name="ca.desrt.dconf" pid=15948
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1370
peer_label="unconfined"
Jan 28 21:51:30 dinar-HP-Pavilion-g7-Notebook-PC kernel:
[10131.880788] audit: type=1400 audit(1580237490.777:123):
apparmor="DENIED" operation="open"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/home/dinar/.cache/mesa_shader_cache/index" pid=19720
comm="firefox" requested_mask="wrc" denied_mask="wrc" fsuid=1000
ouid=1000
these
