Public bug reported:
Hi,
I tried to use a yubikey with opensc-pkcs11.so in Firefox.
It does not work since apparmor keeps firefox from opening the socket:
[ 264.899636] audit: type=1400 audit(1485248884.803:210):
apparmor="DENIED" operation="connect"
profile="/usr/lib/firefox/firefox{,*[^s][^h]}"
name="/run/pcscd/pcscd.comm" pid=5475 comm="SmartCard"
requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=0
Firefox is also not allowed to read /etc/opensc/opensc.conf
I have put
/etc/opensc/opensc.conf r,
/{,var/}/run/pcscd/pcscd.comm w,
unix (connect,receive,send) type=stream
peer=(addr="@/run/pcscd/pcscd.com") ,
into /etc/apparmor.d/local/usr.bin.firefox , which fixed the problem
with opensc.conf, but for some reason I do not understand yet it does
not fix the problem with pcscd.com
regards
ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: opensc-pkcs11 0.16.0-1ubuntu2
ProcVersionSignature: Ubuntu 4.8.0-34.36-generic 4.8.11
Uname: Linux 4.8.0-34-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.3-0ubuntu8.2
Architecture: amd64
CurrentDesktop: XFCE
Date: Tue Jan 24 10:18:03 2017
InstallationDate: Installed on 2016-04-22 (276 days ago)
InstallationMedia: Lubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420)
SourcePackage: opensc
UpgradeStatus: Upgraded to yakkety on 2016-10-17 (99 days ago)
** Affects: opensc (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug yakkety
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1658941
Title:
apparmor keeps firefox from using opensc-pkcs11.so
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/1658941/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
