touch-packages team mailing list archive

Thread
Date
[Bug 1010909] Re: permission denied: /usr/bin/{mktexpk, mktextfm}

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Steve Beattie <sbeattie@xxxxxxxxxx>
Date: Fri, 22 May 2015 06:37:52 -0000
Reply-to: Bug 1010909 <1010909@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
I have reproduced the failures on generating fonts with evince on a dvi
file and apparmor 2.8.95~2430-0ubuntu5.1 and can confirm that apparmor
2.8.95~2430-0ubuntu5.2 addresses the issue. Marking verification-done.

** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1010909

Title:
  permission denied: /usr/bin/{mktexpk,mktextfm}

Status in apparmor package in Ubuntu:
  Fix Released

Bug description:
  [impact]

  This bug prevents viewing dvi files with evince while confined by
  apparmor.

  [steps to reproduce]

  1) install evince, ensure evince apparmor policy is enabled
  2) view a dvi with evince
  3) with the fix applied, evince should be able to display the dvi
  document and should not generate apparmor rejections in syslog

  [regression potential]

  The change in the patch for this bug is a loosening of the apparmor
  policy for the sanitized helpers of evince. The risk of an introduced
  regression is small.

  [original description]

  1) lsb_release -rd
  Description:	Ubuntu Vivid Vervet (development branch)
  Release:	15.04

  2) apt-cache policy evince apparmor texlive
  evince:
    Installed: 3.14.1-0ubuntu1
    Candidate: 3.14.1-0ubuntu1
    Version table:
   *** 3.14.1-0ubuntu1 0
          500 http://us.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
          100 /var/lib/dpkg/status
  apparmor:
    Installed: 2.8.98-0ubuntu4
    Candidate: 2.8.98-0ubuntu4
    Version table:
   *** 2.8.98-0ubuntu4 0
          500 http://us.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
          100 /var/lib/dpkg/status
  texlive:
    Installed: 2014.20141024-1ubuntu1
    Candidate: 2014.20141024-1ubuntu1
    Version table:
   *** 2014.20141024-1ubuntu1 0
          500 http://us.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
          100 /var/lib/dpkg/status

  3) What is expected to happen is when one attempts to open
  https://bugs.launchpad.net/ubuntu/+source/texlive-
  bin/+bug/1010909/+attachment/4282336/+files/example.dvi it does so
  successfully.

  4) What happens instead is it hangs indefinitely, as per output of running evince via a terminal https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/1010909/+attachment/4282345/+files/error.txt . This would appear to be due to apparmor as per:
  https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/1010909/+attachment/4282344/+files/kern.log

  However, attempting to disable the offending profile fails:
  sudo aa-complain /usr/bin/evince//sanitized_helper
  /usr/bin/evince//sanitized_helper does not exist, please double-check the path.

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: texlive-binaries 2009-11ubuntu2
  ProcVersionSignature: Ubuntu 3.2.0-24.39-generic 3.2.16
  Uname: Linux 3.2.0-24-generic x86_64
  ApportVersion: 2.0.1-0ubuntu8
  Architecture: amd64
  Date: Sat Jun  9 17:05:03 2012
  InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
  ProcEnviron:
   TERM=xterm
   PATH=(custom, user)
   LANG=de_DE.UTF-8
   SHELL=/bin/zsh
  SourcePackage: texlive-bin
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1010909/+subscriptions