Bug #625041 “Failed to execute child process “sensible-browser” ...” : Bugs : apparmor package : Ubuntu

Revision history for this message

Pavel Sherman (pavel-sherman) wrote on 2010-08-27:

#1

screenshot of error Edit (159.7 KiB, image/png)
Dependencies.txt Edit (4.6 KiB, text/plain; charset="utf-8")
KernLog.txt Edit (52.9 KiB, text/plain; charset="utf-8")
ProcMaps.txt Edit (41.8 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (794 bytes, text/plain; charset="utf-8")
RelatedPackageVersions.txt Edit (171 bytes, text/plain; charset="utf-8")
XsessionErrors.txt Edit (25.8 KiB, text/plain; charset="utf-8")

Revision history for this message

madbiologist (me-again) wrote on 2010-08-27:

#2

Works here on Maverick alpha 3.

Uname: Linux 2.6.35-14-generic i686
Evince 2.31.90-0ubuntu1

Could be a 64bit issue.

Revision history for this message

Beowulf (s-highlander) wrote on 2010-08-29:

#3

Nope, I run 32-bit Ubunu 10.04

Revision history for this message

Sebastien Bacher (seb128) wrote on 2010-08-30:

#4

the browsers lists is in apparmor itself, reassigning the bug

Changed in evince (Ubuntu):
importance:	Undecided → Low
affects:	evince (Ubuntu) → apparmor (Ubuntu)

Jamie Strandboge (jdstrand) on 2010-08-30

Changed in apparmor (Ubuntu):
assignee:	nobody → Jamie Strandboge (jdstrand)
status:	New → In Progress

Jamie Strandboge (jdstrand) on 2010-08-30

Changed in apparmor (Ubuntu):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-09-03:

#5

This bug was fixed in the package apparmor - 2.5.1~pre1393-0ubuntu6

---------------
apparmor (2.5.1~pre1393-0ubuntu6) maverick; urgency=low

  * debian/profiles/chromium-browser: updated to have the proper path to
    local/
  * debian/patches/0011-lp514356+573344+593413.patch: browser abstraction
    updates for /net, kmozillahelper and gnome-appearance-properties
    (LP: #593413, LP: #514356, LP: #573344)
  * debian/patches/0012-lp625041.patch: add sensible-browser (LP: #625041)
  * debian/patches/0013-lp623586.patch: allow access to ghostscript fonts when
    not using defoma (LP: #623586)
-- Jamie Strandboge <email address hidden> Fri, 03 Sep 2010 07:39:31 -0500

Changed in apparmor (Ubuntu):
status:	Fix Committed → Fix Released

Revision history for this message

Juan Simón (simonbcn) wrote on 2010-10-22:

#6

And what's happen with Lucid users? Lucis is a LTS version!! :-(

Revision history for this message

Juan Simón (simonbcn) wrote on 2010-10-22:

#7

Any workaround!?

Jamie Strandboge (jdstrand) on 2010-11-02

Changed in apparmor (Ubuntu Lucid):
assignee:	nobody → Jamie Strandboge (jdstrand)
importance:	Undecided → Low
milestone:	none → lucid-updates
status:	New → In Progress

Jamie Strandboge (jdstrand) on 2010-11-03

description:

updated

Revision history for this message

Martin Pitt (pitti) wrote on 2010-12-03: Please test proposed package

#8

Accepted apparmor into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in apparmor (Ubuntu Lucid):
status:	In Progress → Fix Committed
tags:	added: verification-needed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-12-14:

#9

Upgraded to 2.5.1-0ubuntu0.10.04.1 in lucid-proposed and this issue is resolved.

Martin Pitt (pitti) on 2010-12-14

tags:

added: verification-done
removed: verification-needed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-12-15:

#10

Download full text (10.1 KiB)

This bug was fixed in the package apparmor - 2.5.1-0ubuntu0.10.04.1

---------------
apparmor (2.5.1-0ubuntu0.10.04.1) lucid-proposed; urgency=low

  * Backport 2.5.1-0ubuntu0.10.10.1 from maverick for userspace tools to work
    with newer kernels (LP: #660077)
    NOTE: user-tmp now uses 'owner' match, so non-default profiles will have
    to be adjusted when 2 separately confined applications that both use the
    user-tmp abstraction depend on being able to cooperatively share files
    with each other in /tmp or /var/tmp.
  * remove the following patches (features not appropriate for SRU):
    - 0002-add-chromium-browser.patch
    - 0003-local-includes.patch
    - 0004-ubuntu-abstractions-updates.patch
  * debian/rules (this makes it the same as what was shipped in 10.04 LTS
    release):
    - don't ship aa-update-browser and its man page (requires
      0004-ubuntu-abstractions-updates.patch)
    - don't ship apparmor.d/local/ (requires 0003-local-includes.patch)
    - don't use dh_apparmor (not in Ubuntu 10.04 LTS)
    - don't ship chromium profile
  * remove debian/profiles/chromium-browser
  * remove debian/aa-update-browser*
  * debian/apparmor-profiles.postinst: revert to that in lucid release
    (requires dh_apparmor and 0002-add-chromium-browser.patch)
  * remove debian/apparmor-profiles.postrm: doesn't make sense without
    0002-add-chromium-browser.patch
  * debian/control:
    - revert Build-Depends on debhelper (>= 5)
    - revert Standards-Version to 3.8.4
    - revert Vcs-Bzr
    - use Conflicts/Replaces version that was in Ubuntu 10.04 LTS
  * debian/patches/0011-lucid-compat-dbus.patch: move /var/lib/dbus/machine-id
    back into dbus, since profiles on 10.04 LTS expect it there
  * debian/patches/0012-lucid-compat-kde.patch: add kde4-config to kde
    abstraction, since the firefox profile on Ubuntu 10.04 LTS expects it to
    be there

apparmor (2.5.1-0ubuntu0.10.10.2) maverick-proposed; urgency=low

  * New upstream release (LP: #660077)
    - The following patches were refreshed:
      + 0001-fix-release.patch
      + 0003-local-includes.patch
      + 0004-ubuntu-abstractions-updates.patch
      + 0008-lp648900.patch: renamed as 0005-lp648900.patch
    - The following patches were dropped (included upstream):
      + 0005-lp601583.patch
      + 0006-network-interface-enumeration.patch
      + 0007-gnome-updates.patch
  * debian/patches/0006-testsuite-fixes.patch: testsuite fixes from head
    of 2.5 branch. These are needed for QRT and SRU testing (LP: #652211)
  * debian/patches/0007-honor-cflags.patch: have the parser makefile honor
    CFLAGS environment variable. Brings back missing symbols for the retracer
  * debian/patches/0008-lp652674.patch: fix warnings for messages without
    denied or requested masks (LP: #652674)
  * debian/apparmor.init: fix path to aa-status (LP: #654841)
  * debian/apport/source_apparmor.py: apport hook should use
    root_command_hook() for running apparmor_status (LP: #655529)
  * debian/apport/source_apparmor.py: use ProcKernelCmdline and don't clobber
    cmdline details (LP: #657091)
  * debian/{rules,control}: move apache2 abstractions into the base package
    so we can put ...

This bug was fixed in the package apparmor - 2.5.1-0ubuntu0.10.04.1

---------------
apparmor (2.5.1-0ubuntu0.10.04.1) lucid-proposed; urgency=low

* Backport 2.5.1-0ubuntu0.10.10.1 from maverick for userspace tools to work
    with newer kernels (LP: #660077)
    NOTE: user-tmp now uses 'owner' match, so non-default profiles will have
    to be adjusted when 2 separately confined applications that both use the
    user-tmp abstraction depend on being able to cooperatively share files
    with each other in /tmp or /var/tmp.
  * remove the following patches (features not appropriate for SRU):
    - 0002-add-chromium-browser.patch
    - 0003-local-includes.patch
    - 0004-ubuntu-abstractions-updates.patch
  * debian/rules (this makes it the same as what was shipped in 10.04 LTS
    release):
    - don't ship aa-update-browser and its man page (requires
      0004-ubuntu-abstractions-updates.patch)
    - don't ship apparmor.d/local/ (requires 0003-local-includes.patch)
    - don't use dh_apparmor (not in Ubuntu 10.04 LTS)
    - don't ship chromium profile
  * remove debian/profiles/chromium-browser
  * remove debian/aa-update-browser*
  * debian/apparmor-profiles.postinst: revert to that in lucid release
    (requires dh_apparmor and 0002-add-chromium-browser.patch)
  * remove debian/apparmor-profiles.postrm: doesn't make sense without
    0002-add-chromium-browser.patch
  * debian/control:
    - revert Build-Depends on debhelper (>= 5)
    - revert Standards-Version to 3.8.4
    - revert Vcs-Bzr
    - use Conflicts/Replaces version that was in Ubuntu 10.04 LTS
  * debian/patches/0011-lucid-compat-dbus.patch: move /var/lib/dbus/machine-id
    back into dbus, since profiles on 10.04 LTS expect it there
  * debian/patches/0012-lucid-compat-kde.patch: add kde4-config to kde
    abstraction, since the firefox profile on Ubuntu 10.04 LTS expects it to
    be there

apparmor (2.5.1-0ubuntu0.10.10.2) maverick-proposed; urgency=low

* New upstream release (LP: #660077)
    - The following patches were refreshed:
      + 0001-fix-release.patch
      + 0003-local-includes.patch
      + 0004-ubuntu-abstractions-updates.patch
      + 0008-lp648900.patch: renamed as 0005-lp648900.patch
    - The following patches were dropped (included upstream):
      + 0005-lp601583.patch
      + 0006-network-interface-enumeration.patch
      + 0007-gnome-updates.patch
  * debian/patches/0006-testsuite-fixes.patch: testsuite fixes from head
    of 2.5 branch. These are needed for QRT and SRU testing (LP: #652211)
  * debian/patches/0007-honor-cflags.patch: have the parser makefile honor
    CFLAGS environment variable. Brings back missing symbols for the retracer
  * debian/patches/0008-lp652674.patch: fix warnings for messages without
    denied or requested masks (LP: #652674)
  * debian/apparmor.init: fix path to aa-status (LP: #654841)
  * debian/apport/source_apparmor.py: apport hook should use
    root_command_hook() for running apparmor_status (LP: #655529)
  * debian/apport/source_apparmor.py: use ProcKernelCmdline and don't clobber
    cmdline details (LP: #657091)
  * debian/{rules,control}: move apache2 abstractions into the base package
    so we can put apache2 profiles into the -profiles package without
    aa-logprof bailing out. Patch by Marc Deslauriers.
    (LP: #539441)
  * debian/patches/0009-sensible-browser-pix.patch: use Pix with
    sensible-browser
  * debian/patches/0010-ubuntu-buildd.patch: skip parser caching test if
    the AppArmor securityfs introspection directory is not mounted, as
    is the case on Ubuntu buildds.

apparmor (2.5.1~rc1-0ubuntu2) maverick; urgency=low

* abstractions/ubuntu-email: adjustment for ever-changing thunderbird path
    (LP: #648900)

apparmor (2.5.1~rc1-0ubuntu1) maverick; urgency=low

[ Jamie Strandboge ]
  * New upstream RC release (revision 1413). In addition to getting the tools
    to work with the maverick kernel, this update fixes:
    - LP: #619521
    - LP: #633369
    - LP: #626451
    - LP: #581525
    - LP: #623467 (link and unlink still need to be addressed)
  * Dropped the following patches, included upstream:
    - 0002-lp615177.patch
    - 0004-ubuntu-pux.patch
    - 0006-kde4-config-pux.patch
    - 0007-lp605835.patch
    - 0012-lp625041.patch
    - 0013-lp623586.patch
  * Update the following patches:
    - rename 0010-fix-release.patch as 0001-fix-release.patch since this will
      likely always need to be here
    - rename 0005-add-chromium-browser.patch as
      0002-add-chromium-browser.patch
    - rename 0001-local-includes.patch as 0003-local-includes.patch and update
      to use r1493 (from trunk) of local/README file. This can be dropped in
      2.6.
    - collect the ubuntu abstractions updates pulled from trunk into
      0004-ubuntu-abstractions-updates.patch. This can be dropped in 2.6.
    - rename 0008-lp601583.patch as 0005-lp601583.patch. This can be dropped
      in 2.5.1 final.
  * fix up some lintian warnings:
    - debian/control:
      + don't use 'Section' in apparmor-notify, since it is the same as the
        source
      + updates Standards-Version to 3.9.1
      + add ${misc:Depends} to libapparmor-dev and apparmor-notify
    - add debian/source/format
    - debian/libapache2-mod-apparmor.postrm: use #DEBHELPER#
    - debian/libapache2-mod-apparmor.preinst: use #DEBHELPER#
    - add debian/watch
  * debian/notify/notify.conf: set show_notifications="yes" by default
  * debian/patches/0006-network-interface-enumeration.patch: allow network
    interface enumeration. This can be dropped in 2.5.1 final.
  * debian/patches/0007-gnome-updates.patch: update for font/icon/mime
    locations in current gnome. This can be dropped in 2.5.1 final.

[ Kees Cook ]
  * debian/apparmor.init: rename "stop" to "teardown", drop caches on
    "stop" and warn about the dangers of "teardown".

apparmor (2.5.1~pre1393-0ubuntu6) maverick; urgency=low

* debian/profiles/chromium-browser: updated to have the proper path to
    local/
  * debian/patches/0011-lp514356+573344+593413.patch: browser abstraction
    updates for /net, kmozillahelper and gnome-appearance-properties
    (LP: #593413, LP: #514356, LP: #573344)
  * debian/patches/0012-lp625041.patch: add sensible-browser (LP: #625041)
  * debian/patches/0013-lp623586.patch: allow access to ghostscript fonts when
    not using defoma (LP: #623586)

apparmor (2.5.1~pre1393-0ubuntu5) maverick; urgency=low

* debian/patches/0007-lp605835.patch: allow ca-certificates in ssl_certs
    abstraction (LP: #605835)
  * debian/patches/0008-lp601583.patch: adjust X abstraction for newer gdm
    (LP: #601583)
  * debian/patches/0009-lp565753.patch: add ubuntu-feed-readers abstraction
    and have ubuntu-browsers.d/multimedia use it (LP: #565753)
  * debian/apparmor.config: don't try to read in the existing value from
    /etc/apparmor.d/tunables/home.d/ubuntu, but instead always use what is
    in debconf. (LP: #561694)
  * add aa-update-browser for giving a programmatic way to update browser
    profiles to use browser abstractions
    - add debian/aa-update-browser
    - add debian/aa-update-browser.8
    - debian/rules: install aa-update-browser*
  * debian/patches/0003-ubuntu-browsers-d.patch: updated to generalize java
    child profile names
  * debian/patches/0010-fix-release.patch: update common/Make.rules to use
    lsb_release

apparmor (2.5.1~pre1393-0ubuntu4) maverick; urgency=low

* debian/patches/0001-local-includes.patch: updated to adjust local/README
    to have upstream clarifications
  * debian/patches/0003-ubuntu-browsers-d.patch: add ubuntu-browsers.d/*
    abstractions
  * debian/patches/0004-ubuntu-pux.patch: use 'PUx' instead of 'Ux' in
    abstractions/ubuntu-*
  * add chromium-browser profile. All this can be removed once
    chromium-browser ships its own profile:
    - debian/patches/0005-add-chromium-browser.patch: add preliminary
      profiles/apparmor.d/usr.bin.chromium-browser
    - debian/profiles/chromium-browser: added for use with ubuntu-browsers.d
    - debian/rules: ship debian/profiles/chromium-browser in apparmor-profiles
  * don't make /etc/apparmor.d/local/* from apparmor-profiles conffiles
    - debian/control: Build-Depends on debhelper 7.4.20ubuntu5
    - debian/rules: use dh_apparmor instead of shipping the files as conffiles
    - debian/apparmor-profiles.postinst: move DEBHELPER before initscript
      reload
    - debian/apparmor-profiles.postrm: added to remove chromium-browser config
      file
  * debian/patches/0006-kde4-config-pux.patch: remove kde4-config from kde
    abstraction and add it to kde ubuntu-browsers abstraction

apparmor (2.5.1~pre1393-0ubuntu3) maverick; urgency=low

* debian/patches/0002-lp615177.patch: 'owner' match in commit 1406 too
    strict for /tmp/ and /var/tmp/ (LP: #615177)

apparmor (2.5.1~pre1393-0ubuntu2) maverick; urgency=low

* debian/rules: move local/usr.lib.apache2.mpm-prefork.apache2 to
    libapache2-mod-apparmor

apparmor (2.5.1~pre1393-0ubuntu1) maverick; urgency=low

* Update to upstream bzr revision 1393 from lp:apparmor/2.5.
    * add dbus-session abstraction (LP: #566207)
    * require owner in user-tmp abstraction (LP: #578922)
    * don't use uninitialized $opt_s (LP: #582075)
    * allow thunderbird 3 in abstractions/ubuntu-email (LP: #590462)
    * allow gmplayer in abstractions/ubuntu-media-players (LP: #591421)
  * debian/control: updated branches.
  * debian/patches/0001-local-includes.patch: backported patch from trunk to
    allow local administrators to customize their profiles without modifying
    a shipped profile
  * debian/rules:
    - don't pass RELEASE to libapparmor's 'make install' as it breaks the
      build and isn't used by the Makfile anyway
    - install apparmor.d/local/README in apparmor, not apparmor-profiles
    - don't install apparmor.d/local/usr.sbin.ntpd
  * Drop the following patches already included upstream:
    - 0001-lp538561.patch
    - 0002-aalogprof-warnings.patch
    - 0003-fix-memleaks.patch
    - 0004-lp549557.patch
    - 0005-lp538661.patch
    - 0006-lp611248.patch

apparmor (2.5-0ubuntu4) maverick; urgency=low

* debian/patches/0006-lp611248.patch: allow access to gdk-pixbuf loaders
    LP: #611248
 -- Jamie Strandboge <jamie@ubuntu.com>   Tue, 02 Nov 2010 13:33:15 -0500

Changed in apparmor (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Ubuntu Foundations Team Bug Bot (crichton) on 2011-09-19

tags:

added: testcase

Ubuntu
apparmor package

Failed to execute child process "sensible-browser" (Permission denied)

Bug Description

Related branches

Other bug subscribers

Bug attachments

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	apparmor (Ubuntu)	Fix Released	Low	Jamie Strandboge
	Lucid	Fix Released	Low	Jamie Strandboge	Ubuntu lucid-updates

Ubuntuapparmor package

Failed to execute child process "sensible-browser" (Permission denied)

Bug Description

Related branches

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
apparmor package