desktop-packages team mailing list archive

Thread
Date

[Bug 1442609] Re: Guest session can't read "/proc/net/dev" and/or "/proc/*/net/dev"

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: Laércio de Sousa <lbsousajr@xxxxxxxxx>
Date: Mon, 13 Apr 2015 11:14:29 -0000
Reply-to: Bug 1442609 <1442609@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Robert,

This is a sample of my /var/log/kern.log messages regarding xfce4
-netload-plugin attempts to read network traffic:

Apr  9 14:46:34 localhost kernel: [  786.952187] audit: type=1400
audit(1428601594.953:805): apparmor="DENIED" operation="open"
profile="/usr/lib/lightdm/lightdm-guest-session"
name="/proc/23556/net/dev" pid=23556 comm="panel-2-netload"
requested_mask="r" denied_mask="r" fsuid=129 ouid=0

In the example above, PID 23556 belongs to command "/usr/lib/x86_64
-linux-gnu/xfce4/panel/wrapper-1.0 /usr/lib/x86_64-linux-
gnu/xfce4/panel/plugins/libnetload.so (...)"

In my experiments with apparmor profile for lightdm-guest-session, I've
found that just granting read access to /proc/[0-9]*/net/dev is enough.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1442609

Title:
  Guest session can't read "/proc/net/dev" and/or "/proc/*/net/dev"

Status in Light Display Manager:
  Triaged
Status in lightdm package in Ubuntu:
  Triaged

Bug description:
  I'm customizing my guest sessions in Xubuntu 15.04 and discovered that
  xfce4-netload-plugin can't show current net traffic. After
  investigating netload plugin source code, I've found that a possible
  reason for this strange behaviour is that guest sessions are unable to
  read /proc/net/dev and/or /proc/<PID>/net/dev.

  Could you please review current apparmor profile for lightdm-guest-
  session so it can get read access to /proc/net/dev?

To manage notifications about this bug go to:
https://bugs.launchpad.net/lightdm/+bug/1442609/+subscriptions