touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #26123
[Bug 1378805] Re: denial for creating /run/user/32011/scopes/leaf-net/
** Changed in: unity-scopes-api (Ubuntu)
Status: Fix Committed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unity-scopes-api in
Ubuntu.
https://bugs.launchpad.net/bugs/1378805
Title:
denial for creating /run/user/32011/scopes/leaf-net/
Status in “unity-scopes-api” package in Ubuntu:
In Progress
Bug description:
I feel like this bug is known and I thought there was a bug for this,
but I can't seem to find it now so filing a new one....
Most scopes are seeing:
apparmor="DENIED" operation="mkdir" profile="com.ubuntu.scopes.youtube_youtube_1.0.13" name="/run/user/32011/scopes/leaf-net/" pid=NNN comm="scoperunner" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Scopes aren't allowed to create /run/user/32011/scopes/leaf-net/ (they
are allowed to create their own scopes directory under it). This was
mentioned in https://bugs.launchpad.net/unity-scopes-
api/+bug/1356409/comments/3 and it was mentioned that this branch may
fix it: https://code.launchpad.net/~michihenning/unity-scopes-api
/test-before-mkdir/+merge/231110. However, the problem seems to be
that nothing is creating that directory at all before the scopes try
to create it for themselves. Pete said in the above comment "I think
the runtime should probably not be trying to create this while inside
confinement, as it will always fail." -- that is precisely the
problem. Something unconfined outside of the scopes themselves needs
to create it.
Marking rtm14 and Critical-- it is causing a lot of noise in the logs
and presumably scopes aren't able to function correctly. Please adjust
as needed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity-scopes-api/+bug/1378805/+subscriptions
References