Tentatively added an apparmor-easyprof-ubuntu task to clarify whether
it’s acceptable to have the "microphone" and "camera" policy groups
conflict on /dev/.
** Also affects: apparmor-easyprof-ubuntu (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Apps bug tracking, which is subscribed to webbrowser-app in Ubuntu.
https://bugs.launchpad.net/bugs/1626611
Title:
camera not detected when running confined on desktop
Status in apparmor-easyprof-ubuntu package in Ubuntu:
New
Status in webbrowser-app package in Ubuntu:
Confirmed
Bug description:
Running on xenial + xenial overlay.
The camera cannot be accessed. Seeing the following apparmor denials:
bfiller@blackhorse:~$ tail -f /var/log/syslog | grep DEN
Sep 22 11:14:11 blackhorse dbus[1811]: apparmor="DENIED"
operation="dbus_method_call" bus="session" path="/org/gtk/vfs/Daemon"
interface="org.gtk.vfs.Daemon" member="ListMonitorImplementations" mask="send"
name=":1.7" pid=4207 label="webbrowser-app" peer_pid=1919
peer_label="unconfined"
Sep 22 11:14:11 blackhorse kernel: [ 2448.215755] audit: type=1400
audit(1474557251.512:59): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/usr/share/gvfs/remote-volume-monitors/"
pid=4207 comm="webbrowser-app" requested_mask="r" denied_mask="r" fsuid=1000
ouid=0
Sep 22 11:14:11 blackhorse kernel: [ 2448.224997] audit: type=1400
audit(1474557251.524:60): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/sys/bus/" pid=4207 comm="webbrowser-app"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 22 11:14:11 blackhorse kernel: [ 2448.225064] audit: type=1400
audit(1474557251.524:61): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/sys/class/drm/" pid=4207 comm="webbrowser-app"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 22 11:14:11 blackhorse dbus[1811]: apparmor="DENIED"
operation="dbus_method_call" bus="session" path="/org/gtk/vfs/mounttracker"
interface="org.gtk.vfs.MountTracker" member="ListMountableInfo" mask="send"
name=":1.7" pid=4207 label="webbrowser-app" peer_pid=1919
peer_label="unconfined"
Sep 22 11:14:11 blackhorse kernel: [ 2448.663730] audit: type=1400
audit(1474557251.960:62): apparmor="DENIED" operation="open"
profile="webbrowser-app//oxide_helper"
name="/sys/devices/system/cpu/cpufreq/policy0/cpuinfo_max_freq" pid=4220
comm="oxide-renderer" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 22 11:14:11 blackhorse kernel: [ 2448.670941] audit: type=1400
audit(1474557251.968:63): apparmor="DENIED" operation="open"
profile="webbrowser-app//oxide_helper"
name="/opt/google/chrome/PepperFlash/manifest.json" pid=4220
comm="oxide-renderer" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 22 11:14:11 blackhorse kernel: [ 2448.675938] audit: type=1400
audit(1474557251.972:64): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/sys/bus/" pid=4207 comm="webbrowser-app"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 22 11:14:11 blackhorse kernel: [ 2448.675983] audit: type=1400
audit(1474557251.972:65): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/sys/class/drm/" pid=4207 comm="webbrowser-app"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 22 11:14:11 blackhorse kernel: [ 2448.680663] audit: type=1400
audit(1474557251.976:66): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/opt/google/chrome/PepperFlash/manifest.json"
pid=4207 comm="webbrowser-app" requested_mask="r" denied_mask="r" fsuid=1000
ouid=0
Sep 22 11:14:12 blackhorse kernel: [ 2448.723161] audit: type=1400
audit(1474557252.020:67): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:12 blackhorse kernel: [ 2448.723181] audit: type=1400
audit(1474557252.020:68): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:17 blackhorse kernel: [ 2453.723913] audit: type=1400
audit(1474557257.020:73): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:17 blackhorse kernel: [ 2453.724018] audit: type=1400
audit(1474557257.020:74): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:17 blackhorse kernel: [ 2453.724120] audit: type=1400
audit(1474557257.020:75): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:17 blackhorse kernel: [ 2453.724196] audit: type=1400
audit(1474557257.020:76): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:22 blackhorse kernel: [ 2458.724841] audit: type=1400
audit(1474557262.024:77): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:22 blackhorse kernel: [ 2458.724944] audit: type=1400
audit(1474557262.024:78): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:22 blackhorse kernel: [ 2458.725194] audit: type=1400
audit(1474557262.024:79): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:22 blackhorse kernel: [ 2458.725285] audit: type=1400
audit(1474557262.024:80): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:27 blackhorse kernel: [ 2463.725548] audit: type=1400
audit(1474557267.024:81): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:27 blackhorse kernel: [ 2463.725915] audit: type=1400
audit(1474557267.024:82): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:27 blackhorse kernel: [ 2463.726047] audit: type=1400
audit(1474557267.024:83): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:27 blackhorse kernel: [ 2463.726096] audit: type=1400
audit(1474557267.024:84): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:32 blackhorse kernel: [ 2468.726791] audit: type=1400
audit(1474557272.024:85): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:32 blackhorse kernel: [ 2468.726880] audit: type=1400
audit(1474557272.024:86): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:32 blackhorse kernel: [ 2468.726997] audit: type=1400
audit(1474557272.024:87): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:32 blackhorse kernel: [ 2468.727169] audit: type=1400
audit(1474557272.024:88): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:37 blackhorse kernel: [ 2473.727190] audit: type=1400
audit(1474557277.024:89): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:37 blackhorse kernel: [ 2473.727234] audit: type=1400
audit(1474557277.024:90): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:37 blackhorse kernel: [ 2473.727404] audit: type=1400
audit(1474557277.024:91): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:37 blackhorse kernel: [ 2473.727476] audit: type=1400
audit(1474557277.024:92): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:40 blackhorse kernel: [ 2476.772488] audit: type=1400
audit(1474557280.068:93): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/home/bfiller/" pid=4262 comm="FileInfoThread"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:42 blackhorse kernel: [ 2478.727539] audit: type=1400
audit(1474557282.024:94): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:42 blackhorse kernel: [ 2478.727595] audit: type=1400
audit(1474557282.024:95): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:42 blackhorse kernel: [ 2478.727778] audit: type=1400
audit(1474557282.024:96): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:42 blackhorse kernel: [ 2478.727904] audit: type=1400
audit(1474557282.024:97): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:47 blackhorse kernel: [ 2483.728308] audit: type=1400
audit(1474557287.024:98): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:47 blackhorse kernel: [ 2483.728394] audit: type=1400
audit(1474557287.024:99): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6-1000" pid=4243
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 22 11:14:47 blackhorse kernel: [ 2483.728511] audit: type=1400
audit(1474557287.024:100): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
Sep 22 11:14:47 blackhorse kernel: [ 2483.728661] audit: type=1400
audit(1474557287.024:101): apparmor="DENIED" operation="open"
profile="webbrowser-app" name="/dev/shm/lttng-ust-wait-6" pid=4242
comm="QQmlThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=108
^C
bfiller@blackhorse:~$
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1626611/+subscriptions
--
Mailing list: https://launchpad.net/~ubuntu-apps-bugs
Post to : ubuntu-apps-bugs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~ubuntu-apps-bugs
More help : https://help.launchpad.net/ListHelp
