touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #78558
[Bug 1185331] Re: Apparmor logs error messages regarding evince on normal use.
Running "fc-cache -sfv" as root solved the warning about
/var/cache/fontconfig chmod stuff.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1185331
Title:
Apparmor logs error messages regarding evince on normal use.
Status in apparmor package in Ubuntu:
Invalid
Bug description:
Hello,
It seems that each time evince is used, system logs get cluttered with
messages like:
** Observed :
May 29 10:46:28 n55sf-l kernel: [314668.526878] type=1400 audit(1369817188.984:85): apparmor="DENIED" operation="chmod" parent=17861 profile="/usr/bin/evince" name="/var/cache/fontconfig/" pid=21378 comm="evince" requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
May 29 10:46:28 n55sf-l kernel: [314668.528826] type=1400 audit(1369817188.988:86): apparmor="DENIED" operation="chmod" parent=17861 profile="/usr/bin/evince" name="/var/cache/fontconfig/" pid=21378 comm="evince" requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
And also like:
May 29 10:39:03 n55sf-l kernel: [314223.459554] type=1400
audit(1369816743.428:83): apparmor="DENIED" operation="open" parent=1
profile="/usr/bin/evince"
name="/mycomplicatedpathtomyhomedironaseparatepartition/.fontconfig/fonts.conf"
pid=21716 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000
ouid=1000
Reporting on apparmor instead of evince because dpkg indicates that
apparmor holds configuration for many programs (instead of programs
holding configuration for apparmor, as logcheck does), including
/etc/apparmor.d/abstractions/evince .
Here's a mini-stat gathering different messages and count of
occurrences in recent logs :
zcat kern.log.* | grep -i apparmor.*evince.* -o | sed -e 's
(mylongpath) /longpathtomyhomedir ' -e 's/pid=[0-9]*/pid=xxx/g' -e
's/parent=[0-9]*/parent=xxx/g' -e 's|(somepath)[^"]*|somepath|g' |
sort | uniq -c
1 apparmor="DENIED" operation="capable" parent=xxx profile="/usr/bin/evince" pid=xxx comm="dbus-launch" pid=xxx comm="dbus-launch" capability=1 capname="dac_override"
1 apparmor="DENIED" operation="capable" parent=xxx profile="/usr/bin/evince" pid=xxx comm="dbus-launch" pid=xxx comm="dbus-launch" capability=2 capname="dac_read_search"
1 apparmor="DENIED" operation="capable" parent=xxx profile="/usr/bin/evince" pid=xxx comm="evince" pid=xxx comm="evince" capability=1 capname="dac_override"
1 apparmor="DENIED" operation="capable" parent=xxx profile="/usr/bin/evince" pid=xxx comm="evince" pid=xxx comm="evince" capability=2 capname="dac_read_search"
2 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name=(some hex string) pid=xxx comm="EvJobScheduler" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
2 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name=(some hex string) pid=xxx comm="EvJobScheduler" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
376 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name="/longpathtomyhomedir/.fontconfig/fonts.conf" pid=xxx comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
219 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name="/longpathtomyhomedir/.fonts.conf" pid=xxx comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
3 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name="somepath" pid=xxx comm="EvJobScheduler" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
1 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name="somepath" pid=xxx comm="pool" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
1 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince" name="/tmp/.X0-lock" pid=xxx comm="pool" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
1 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-previewer" name="/longpathtomyhomedir/.fontconfig/fonts.conf" pid=xxx comm="evince-previewe" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
10 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-previewer" name="/longpathtomyhomedir/.fonts.conf" pid=xxx comm="evince-previewe" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
58 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-thumbnailer" name="/longpathtomyhomedir/.fontconfig/fonts.conf" pid=xxx comm="evince-thumbnai" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
21 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-thumbnailer" name="/longpathtomyhomedir/.fonts.conf" pid=xxx comm="evince-thumbnai" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
2 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-thumbnailer" name="/media/stephane/n55s494G/stephane/.goutputstream-8KGWMW" pid=xxx comm="evince-thumbnai" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
2 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-thumbnailer" name="somepath" pid=xxx comm="evince-thumbnai" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
2 apparmor="DENIED" operation="open" parent=xxx profile="/usr/bin/evince-thumbnailer" name="somepath" pid=xxx comm="evince-thumbnai" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1001
1 apparmor="DENIED" operation="rename_src" parent=xxx profile="/usr/bin/evince" name="somepath" pid=xxx comm="EvJobScheduler" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
3 apparmor="STATUS" operation="profile_load" name="/usr/bin/evince" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_load" name="/usr/bin/evince-previewer" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_load" name="/usr/bin/evince-previewer//sanitized_helper" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_load" name="/usr/bin/evince//sanitized_helper" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_load" name="/usr/bin/evince-thumbnailer" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_load" name="/usr/bin/evince-thumbnailer//sanitized_helper" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_replace" name="/usr/bin/evince" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_replace" name="/usr/bin/evince-previewer" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_replace" name="/usr/bin/evince-previewer//sanitized_helper" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_replace" name="/usr/bin/evince//sanitized_helper" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_replace" name="/usr/bin/evince-thumbnailer" pid=xxx comm="apparmor_parser"
1 apparmor="STATUS" operation="profile_replace" name="/usr/bin/evince-thumbnailer//sanitized_helper" pid=xxx comm="apparmor_parser"
** Expected :
No specific message in log in normal use of evince.
** Additional information :
Evince seem to work normally.
ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: apparmor 2.8.0-0ubuntu5.1
ProcVersionSignature: Ubuntu 3.5.0-30.51-generic 3.5.7.9
Uname: Linux 3.5.0-30-generic x86_64
NonfreeKernelModules: btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs msdos jfs xfs reiserfs ext2 rndis_host cdc_ether usbnet bbswitch pci_stub vboxpci vboxnetadp vboxnetflt vboxdrv bnep rfcomm parport_pc ppdev binfmt_misc dm_crypt nls_iso8859_1 arc4 ath9k mac80211 ath9k_common ath9k_hw snd_hda_codec_realtek joydev snd_hda_intel ath3k btusb ath snd_hda_codec bluetooth cfg80211 uvcvideo videobuf2_core snd_hwdep videodev snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq kvm_intel kvm videobuf2_vmalloc videobuf2_memops snd_timer asus_nb_wmi snd_seq_device mei lpc_ich snd asus_wmi mxm_wmi sparse_keymap wmi soundcore snd_page_alloc microcode psmouse serio_raw mac_hid coretemp lp parport usb_storage hid_generic usbhid hid ghash_clmulni_intel cryptd ahci libahci atl1c i915 drm_kms_helper drm i2c_algo_bit video
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
Date: Wed May 29 11:42:26 2013
InstallationDate: Installed on 2012-12-27 (152 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
MarkForUpload: True
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=fr_FR.UTF-8
SHELL=/bin/bash
ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-3.5.0-30-generic root=UUID=0ac65d3d-9ad8-4b02-8650-5df01d16640a ro quiet splash vt.handoff=7
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1185331/+subscriptions
