[Bug 2127874] Re: Clicking a hyperlink in Evince fails to open it if the default browser is a snap

Sat, 18 Oct 2025 11:29:42 -0700 

It might help to add this to the AppArmor "snap_browsers" profile:

          /sys/fs/cgroup/cgroup.controllers r,
          /sys/kernel/security/apparmor/features/ r,
          /sys/kernel/security/apparmor/features/caps/ r,
          /sys/kernel/security/apparmor/features/dbus/ r,

(after inspecting AppArmor DENIED messages, I don't really understand
why they are needed)


** Description changed:

  Users cannot open a hyperlink in a PDF opened with evince when the
  default browser is a snap.
  
  Error message in console:
  internal error, please report: running "firefox" failed: timeout waiting for 
snap system profiles to get updated
+ 
+ Relevant messages from dmesg:
+ [ 1481.282216] audit: type=1400 audit(1760464287.080:742): apparmor="DENIED" 
operation="open" class="file" profile="/usr/bin/evince//snap_browsers" 
name="/sys/fs/cgroup/cgroup.controllers" pid=11382 comm="firefox" 
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
+ [ 1481.285679] audit: type=1400 audit(1760464287.084:743): apparmor="DENIED" 
operation="open" class="file" profile="/usr/bin/evince//snap_browsers" 
name="/sys/kernel/security/apparmor/features/caps/" pid=11382 comm="firefox" 
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
+ [ 1481.286340] audit: type=1400 audit(1760464287.084:745): apparmor="DENIED" 
operation="exec" class="file" profile="/usr/bin/evince//snap_browsers" 
name="/usr/bin/systemctl" pid=11393 comm="firefox" requested_mask="x" 
denied_mask="x" fsuid=1000 ouid=0
  
  
  Description:    Ubuntu 24.04.3 LTS
  Release:        24.04
  
  apparmor:
    Installed: 4.0.1really4.0.1-0ubuntu0.24.04.4
    Candidate: 4.0.1really4.0.1-0ubuntu0.24.04.4
    Version table:
   *** 4.0.1really4.0.1-0ubuntu0.24.04.4 500
          500 http://se.archive.ubuntu.com/ubuntu noble-updates/main amd64 
Packages
          100 /var/lib/dpkg/status
       4.0.0-beta3-0ubuntu3 500
          500 http://se.archive.ubuntu.com/ubuntu noble/main amd64 Packages
  
  evince:
    Installed: 46.3.1-0ubuntu1
    Candidate: 46.3.1-0ubuntu1
    Version table:
   *** 46.3.1-0ubuntu1 500
          500 http://se.archive.ubuntu.com/ubuntu noble-updates/main amd64 
Packages
          100 /var/lib/dpkg/status
       46.0-1build1 500
          500 http://se.archive.ubuntu.com/ubuntu noble/main amd64 Packages
  
  $ snap --version
  snap 2.71+ubuntu24.04
  snapd 2.71+ubuntu24.04
  series 16
  ubuntu 24.04
  kernel 6.14.0-33-generic

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2127874

Title:
  Clicking a hyperlink in Evince fails to open it if the default browser
  is a snap

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2127874/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to