[Bug 1934005] [NEW] abstractions/X: Possible regression of X session functionality by removing 'w' from /tmp/.X11-unix/* line?

Tue, 29 Jun 2021 11:51:06 -0700 

Public bug reported:

In Focal, abstractions/X has the following section in it:

  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* rw,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),


However, in Impish, this seems to have changed:

  # the unix socket to use to connect to the display
  /tmp/.X11-unix/* r,
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.X11-unix/X[0-9]*"),
  unix (connect, receive, send)
       type=stream
       peer=(addr="@/tmp/.ICE-unix/[0-9]*"),

This in turn breaks torbrowser-launcher's Firefox from launching, even
if we include the X abstractions, because the display sockets in
/tmp/.X11-unix/* (X0 for Display :0 for example) are not read/write.

This looks like a MAJOR regression by removing the permissions.  Or has
Impish apparmor not been updated for any Ubuntu specific changes?

ProblemType: Bug
DistroRelease: Ubuntu 21.10
Package: apparmor 3.0.0-0ubuntu8
ProcVersionSignature: Ubuntu 5.11.0-20.21+21.10.1-generic 5.11.21
Uname: Linux 5.11.0-20-generic x86_64
ApportVersion: 2.20.11-0ubuntu67
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: LXQt
Date: Tue Jun 29 14:39:00 2021
InstallationDate: Installed on 2021-06-29 (0 days ago)
InstallationMedia: Lubuntu 21.10 "Impish Indri" - Alpha amd64 (20210628)
ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-5.11.0-20-generic 
root=UUID=d042602b-0900-4b2e-acb1-f67436e9805f ro quiet splash vt.handoff=7
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: apparmor (Ubuntu)
     Importance: High
         Status: New


** Tags: amd64 apport-bug impish

** Summary changed:

- abstractions/X: Possible regression by removing 'w' from /tmp/.X11-unix/* line
+ abstractions/X: Possible regression of X session functionality by removing 
'w' from /tmp/.X11-unix/* line?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1934005

Title:
  abstractions/X: Possible regression of X session functionality by
  removing 'w' from /tmp/.X11-unix/* line?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1934005/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to