Ubuntu
telepathy-mission-control-5 package

the apparmor profile should allow access to avatars datas

Bug #1257816 reported by Sebastien Bacher
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
telepathy-mission-control-5 (Ubuntu)
Fix Released
Low
Jamie Strandboge

Bug Description

Running current trusty, my dmesg has those warnings

[23143.439364] type=1400 audit(1386169878.808:166): apparmor="DENIED" operation="open" parent=2441 profile="/usr/lib/telepathy/mission-control-5" name="/home/user/.cache/telepathy/avatars/gabble/jabber/_37d613ba7fb5a6c6a18cf99ac916a354c3c274d56.mime" pid=23255 comm="pool" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000
[24662.631553] type=1400 audit(1386171397.076:167): apparmor="DENIED" operation="open" parent=2441 profile="/usr/lib/telepathy/mission-control-5" name="/home/user/.cache/telepathy/avatars/gabble/jabber/_3946545cf4f3d418f9f0009a6c871e49ad32d111f" pid=30288 comm="pool" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000
[24662.631751] type=1400 audit(1386171397.076:168): apparmor="DENIED" operation="open" parent=2441 profile="/usr/lib/telepathy/mission-control-5" name="/home/user/.cache/telepathy/avatars/gabble/jabber/_3946545cf4f3d418f9f0009a6c871e49ad32d111f.mime" pid=30289 comm="pool" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000

Tags: apparmor
Sebastien Bacher (seb128)
Changed in telepathy-mission-control-5 (Ubuntu):
importance: Undecided → Low
Revision history for this message
Sebastien Bacher (seb128) wrote :

the apparmor profile has
" owner @{HOME}/.cache/telepathy/ rw,"

shouldn't that give access to those?

Revision history for this message
Sebastien Bacher (seb128) wrote :

    owner @{HOME}/.cache/telepathy/** rwk,

rather

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

The /usr/lib/telepathy/telepathy-* profile has:
    owner @{HOME}/.cache/telepathy/** rwk,

but the denial happened in the /usr/lib/telepathy/mission-control-5 profile, which does not have this rule. It is somewhat interesting that /usr/lib/telepathy/mission-control-5 wants access to the telepathy-gabble avatar, but the access is not a problem in general. Does adding the following to the /usr/lib/telepathy/mission-control-5 {} help:

  owner @{HOME}/.cache/telepathy/avatars/ rw,
  owner @{HOME}/.cache/telepathy/avatars/** rwk,

Be sure to run 'sudo apparmor_parser -r /etc/apparmor.d/usr.lib.telepathy' first.

Changed in telepathy-mission-control-5 (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
status: New → Incomplete
Revision history for this message
Sebastien Bacher (seb128) wrote :

Thanks Jamie, that seems to work (I've not been able to trigger the warning with simple steps before but they would come regularly, I've restarted the telepathy services and used it for a while and it seems good where I had them in less than half an hour use before)

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package telepathy-mission-control-5 - 1:5.16.0-1ubuntu4

---------------
telepathy-mission-control-5 (1:5.16.0-1ubuntu4) trusty; urgency=low

  * debian/apparmor-profile:
    - give access to the telepathy-glib avatars cache,
      thanks Jamie Strandboge (lp: #1257816)
  * debian/patches/git_correct_error_handling.patch:
    - don't hit an invalid free if the config directory is not writable
      (lp: #1143463)
 -- Sebastien Bacher <email address hidden> Wed, 04 Dec 2013 18:22:16 +0100

Changed in telepathy-mission-control-5 (Ubuntu):
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.