touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #09804
[Bug 1357348] Re: Cannot play sound files in /usr/share/sound/** folder due to apparmor permission issue
media-hub-server will likely fail to play all kinds of files, not just
those in /usr/share/sounds because we have an explicit deny rule that is
overriding our rule to allow mmap of /tmp/orcexec.
** Summary changed:
- Cannot play sound files in /usr/share/sound/** folder due to apparmor permission issue
+ Cannot play sound files due to apparmor permission issue
** Description changed:
In the clock app we read /usr/share/sounds/ubuntu/ringtones and when
trying to use MediaPlayer{} or Audio{}, it works on the desktop but
fails on the device. Doing a quick grep DEN /var/log/syslog reveals the
following apparmor denials,
Aug 15 11:16:58 ubuntu-phablet kernel: [ 3968.875354] type=1400 audit(1408094218.079:104): apparmor="DENIED" operation="file_mmap" profile="/usr/bin/media-hub-server" name="/tmp/orcexec.CLp5yf" pid=5825 comm="aqueue:src" requested_mask="m" denied_mask="m" fsuid=32011 ouid=32011
Aug 15 11:16:58 ubuntu-phablet kernel: [ 3968.875506] type=1400 audit(1408094218.079:105): apparmor="DENIED" operation="mknod" profile="/usr/bin/media-hub-server" name="/run/user/32011/orcexec.cntnWk" pid=5825 comm="aqueue:src" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
On talking to jdstrand,
2:09 PM <jdstrand> ah
2:10 PM <jdstrand> we have this rule:owner /tmp/orcexec* m,
2:10 PM <jdstrand> but it is overriden by this: audit deny owner /** m,
2:10 PM <jdstrand> nik90: can you file a bug against media-hub?
+
+ Original summary: in /usr/share/sound/** folder
** Also affects: media-hub (Ubuntu)
Importance: Undecided
Status: New
** Changed in: media-hub (Ubuntu)
Importance: Undecided => Critical
** Also affects: mediascanner2 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: mediascanner2 (Ubuntu)
Importance: Undecided => Critical
** Changed in: mediascanner2 (Ubuntu)
Status: New => Triaged
** Changed in: media-hub (Ubuntu)
Status: New => Triaged
** Also affects: mediascanner2
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mediascanner2 in Ubuntu.
https://bugs.launchpad.net/bugs/1357348
Title:
Cannot play sound files due to apparmor permission issue
Status in Media Hub:
New
Status in Media Scanner v2:
New
Status in “media-hub” package in Ubuntu:
Triaged
Status in “mediascanner2” package in Ubuntu:
Triaged
Bug description:
In the clock app we read /usr/share/sounds/ubuntu/ringtones and when
trying to use MediaPlayer{} or Audio{}, it works on the desktop but
fails on the device. Doing a quick grep DEN /var/log/syslog reveals
the following apparmor denials,
Aug 15 11:16:58 ubuntu-phablet kernel: [ 3968.875354] type=1400 audit(1408094218.079:104): apparmor="DENIED" operation="file_mmap" profile="/usr/bin/media-hub-server" name="/tmp/orcexec.CLp5yf" pid=5825 comm="aqueue:src" requested_mask="m" denied_mask="m" fsuid=32011 ouid=32011
Aug 15 11:16:58 ubuntu-phablet kernel: [ 3968.875506] type=1400 audit(1408094218.079:105): apparmor="DENIED" operation="mknod" profile="/usr/bin/media-hub-server" name="/run/user/32011/orcexec.cntnWk" pid=5825 comm="aqueue:src" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
On talking to jdstrand,
2:09 PM <jdstrand> ah
2:10 PM <jdstrand> we have this rule:owner /tmp/orcexec* m,
2:10 PM <jdstrand> but it is overriden by this: audit deny owner /** m,
2:10 PM <jdstrand> nik90: can you file a bug against media-hub?
Original summary: in /usr/share/sound/** folder
To manage notifications about this bug go to:
https://bugs.launchpad.net/media-hub/+bug/1357348/+subscriptions