Ubuntu
firefox package

firefox-notify denied on download completion

Bug #644983 reported by Micah Gersten
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
Fix Released
Wishlist
Jamie Strandboge
firefox (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Binary package hint: firefox

Sep 22 01:23:13 defiant kernel: [381456.277830] type=1400 audit(1285136593.871:451285): apparmor="ALLOWED" operation="exec" parent=10376 profile="/usr/lib/firefox-3.6.10/firefox-*bin" name="/usr/share/xul-ext/notify/chrome/content/download_complete_notify.py" pid=1574 comm="firefox-bin" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/usr/lib/firefox-3.6.10/firefox-*bin//null-84"

I get these whenever a download completes.

Tried to add the following to the local Firefox abstraction in Maverick, but I got the following error:
  /usr/share/xul-ext/notify/chrome/content/download_complete_notify.py Uxr,

AppArmor parser error, in stdin line 3: syntax error, unexpected TOK_MODE, expecting TOK_OPEN

Tags: apparmor
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This should fix it:
#include <abstractions/python>
/usr/bin/python2.[4567] ix,
/usr/share/xul-ext/notify/**/download_complete_notify.py ix,

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This has been added to the ubuntu-integration-xul abstraction in apparmor trunk.

Changed in apparmor (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Wishlist
status: New → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Once the ubuntu-integration-xul is in Ubuntu, debian/firefox.postinst can be adjusted to include:
#include <abstractions/ubuntu-browsers.d/ubuntu-integration-xul>

when creating $ADDONS_APP_PROFILE.

Changed in firefox (Ubuntu):
importance: Undecided → Low
status: New → Triaged
importance: Low → Wishlist
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.6~devel+bzr1601-0ubuntu1

---------------
apparmor (2.6~devel+bzr1601-0ubuntu1) natty; urgency=low

  * Merge with upstream bzr revision 1601 to gain parser speed
    improvements and man page fixes. Closes the following bugs:
    - LP: #349049: document audit, deny and owner rule qualifiers
    - LP: #466228: ubuntu-browsers.d/multimedia: allow flash printing
    - LP: #644983: add ubuntu-browsers.d/ubuntu-integration-xul
    - LP: #692216: use aa_change_hat() instead of change_hat()
    - LP: #692217: add aa_change_profile.pod manpage
  * debian/control: explicitly depend on gettext module.
  * ship apparmor vim syntax file (LP: #646800):
    - debian/vim-apparmor.yaml: vim addon definition file.
    - debian/apparmor-utils.install: add apparmor.vim and vim-apparmor.yaml.
  * debian/libapparmor1.manpages: ship aa_change_profile manpage.
 -- Kees Cook <email address hidden> Mon, 20 Dec 2010 14:37:38 -0800

Changed in apparmor (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This is fixed in Ubuntu 11.04.

Changed in firefox (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.