| 2014-07-09 14:01:09 |
Jonathan Reed |
bug |
|
|
added bug |
| 2014-07-19 09:39:54 |
Launchpad Janitor |
apparmor (Ubuntu): status |
New |
Confirmed |
|
| 2014-10-01 21:05:26 |
Jamie Strandboge |
apparmor (Ubuntu): assignee |
|
Steve Beattie (sbeattie) |
|
| 2014-10-02 12:50:54 |
Steve Beattie |
nominated for series |
|
Ubuntu Trusty |
|
| 2014-10-02 12:51:13 |
Steve Beattie |
nominated for series |
|
Ubuntu Utopic |
|
| 2014-10-02 13:09:28 |
Steve Beattie |
apparmor (Ubuntu): importance |
Undecided |
High |
|
| 2014-10-02 13:09:30 |
Steve Beattie |
apparmor (Ubuntu): status |
Confirmed |
In Progress |
|
| 2014-10-02 18:07:09 |
Launchpad Janitor |
branch linked |
|
lp:apparmor |
|
| 2014-10-08 21:53:18 |
Jamie Strandboge |
bug task added |
|
apparmor (Ubuntu Utopic) |
|
| 2014-10-08 21:53:26 |
Jamie Strandboge |
bug task added |
|
apparmor (Ubuntu Trusty) |
|
| 2014-10-09 20:38:05 |
Jamie Strandboge |
apparmor (Ubuntu Trusty): status |
New |
Triaged |
|
| 2014-10-09 20:38:10 |
Jamie Strandboge |
apparmor (Ubuntu Utopic): importance |
High |
Medium |
|
| 2014-10-09 20:38:13 |
Jamie Strandboge |
apparmor (Ubuntu Trusty): importance |
Undecided |
Medium |
|
| 2014-10-15 15:58:26 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/utopic-proposed/apparmor |
|
| 2014-10-15 17:25:52 |
Launchpad Janitor |
apparmor (Ubuntu Utopic): status |
In Progress |
Fix Released |
|
| 2015-04-25 06:55:01 |
Launchpad Janitor |
branch linked |
|
lp:~apparmor-dev/apparmor/apparmor-ubuntu-citrain-trusty |
|
| 2015-05-18 15:32:16 |
Steve Beattie |
attachment added |
|
profiles-adjust_X_for_lightdm-lp1339727.patch https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1339727/+attachment/4399558/+files/profiles-adjust_X_for_lightdm-lp1339727.patch |
|
| 2015-05-18 15:35:28 |
Steve Beattie |
description |
The default apparmor 'X' abstraction permits access to /{,var/}run/lightdm/authority/[0-9]*, ostensibly for the xauthority file. Except on Trusty, that's not where the xauthority file is. It is instead in /run/lightdm/$USER, and named "xauthority". I have had to udpated my apparmor configuration, lest apparmor convince Evince of being a filthy script kiddie, out to corrupt my xauth file.
Please consider adding the following to the 'X' abstraction:
owner /{,var/}run/lightdm/*/xauthority r,
Relevant info:
apparmor:
Installed: 2.8.95~2430-0ubuntu5
Candidate: 2.8.95~2430-0ubuntu5
Version table:
*** 2.8.95~2430-0ubuntu5 0
500 http://mirrors.mit.edu/ubuntu/ trusty/main amd64 Packages
100 /var/lib/dpkg/status |
[impact]
This issue prevents X applications from working properly when lightdm is
used as a display manager.
[steps to reproduce]
1) run evince in a desktop session started from lightdm. If this bug has not been addressed, apparmor denials will be seen on the /run/lightdm/$USER/xauthority file in /var/log/syslog.
[regression potential]
The change in the patch for this bug is a slight loosening of
the apparmor policy for X applications. The risk of an introduced
regression is small.
[original description]
The default apparmor 'X' abstraction permits access to /{,var/}run/lightdm/authority/[0-9]*, ostensibly for the xauthority file. Except on Trusty, that's not where the xauthority file is. It is instead in /run/lightdm/$USER, and named "xauthority". I have had to udpated my apparmor configuration, lest apparmor convince Evince of being a filthy script kiddie, out to corrupt my xauth file.
Please consider adding the following to the 'X' abstraction:
owner /{,var/}run/lightdm/*/xauthority r,
Relevant info:
apparmor:
Installed: 2.8.95~2430-0ubuntu5
Candidate: 2.8.95~2430-0ubuntu5
Version table:
*** 2.8.95~2430-0ubuntu5 0
500 http://mirrors.mit.edu/ubuntu/ trusty/main amd64 Packages
100 /var/lib/dpkg/status |
|
| 2015-05-24 17:34:18 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/trusty-proposed/apparmor |
|
| 2015-06-11 18:23:26 |
Steve Beattie |
tags |
|
verification-done |
|
| 2015-06-15 16:44:24 |
Launchpad Janitor |
apparmor (Ubuntu Trusty): status |
Triaged |
Fix Released |
|
