ubuntu-sdk-bugs team mailing list archive
-
ubuntu-sdk-bugs team
-
Mailing list archive
-
Message #00578
[Bug 1289540] [NEW] apparmor denials during calendar-app tests execution
*** This bug is a security vulnerability ***
Public security bug reported:
During calendar-app tests I see following denials in the syslog:
Mar 7 18:57:32 ubuntu-phablet kernel: [ 2958.360323] type=1400 audit(1394218652.047:79): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.J13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Mar 7 18:57:32 ubuntu-phablet kernel: [ 2958.360689] type=1400 audit(1394218652.047:80): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.T13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Mar 7 18:57:35 ubuntu-phablet kernel: [ 2961.714725] type=1400 audit(1394218655.411:81): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.M13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Mar 7 18:57:35 ubuntu-phablet kernel: [ 2961.715122] type=1400 audit(1394218655.411:82): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.X13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
And following errors from QOrganizerEDSFactory:
(process:22298): dconf-CRITICAL **: unable to create file
'/run/user/32011/dconf/user': Permission denied. dconf will not work
properly.
(process:22298): dconf-CRITICAL **: unable to create file
'/run/user/32011/dconf/user': Permission denied. dconf will not work
properly.
(process:22298): dconf-CRITICAL **: unable to create file
'/run/user/32011/dconf/user': Permission denied. dconf will not work
properly.
Ideally, our core apps should have correct apparmor profiles applied, and thus the app should not generate denials for things that are not allowed.
** Affects: ubuntu-calendar-app
Importance: Undecided
Status: New
** Affects: qtorganizer5-eds (Ubuntu)
Importance: Undecided
Assignee: Timo Jyrinki (timo-jyrinki)
Status: New
** Also affects: qtorganizer5-eds (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Public to Public Security
** Changed in: qtorganizer5-eds (Ubuntu)
Assignee: (unassigned) => Timo Jyrinki (timo-jyrinki)
--
You received this bug notification because you are a member of Ubuntu
SDK bug tracking, which is subscribed to qtorganizer5-eds in Ubuntu.
https://bugs.launchpad.net/bugs/1289540
Title:
apparmor denials during calendar-app tests execution
Status in Calendar application for Ubuntu devices:
New
Status in “qtorganizer5-eds” package in Ubuntu:
New
Bug description:
During calendar-app tests I see following denials in the syslog:
Mar 7 18:57:32 ubuntu-phablet kernel: [ 2958.360323] type=1400 audit(1394218652.047:79): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.J13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Mar 7 18:57:32 ubuntu-phablet kernel: [ 2958.360689] type=1400 audit(1394218652.047:80): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.T13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Mar 7 18:57:35 ubuntu-phablet kernel: [ 2961.714725] type=1400 audit(1394218655.411:81): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.M13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
Mar 7 18:57:35 ubuntu-phablet kernel: [ 2961.715122] type=1400 audit(1394218655.411:82): apparmor="DENIED" operation="mknod" parent=1988 profile="com.ubuntu.clock_clock_1.0.349" name="/home/phablet/.config/com.ubuntu.clock_clock_1.0.349.conf.X13547" pid=13547 comm="qmlscene" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011
And following errors from QOrganizerEDSFactory:
(process:22298): dconf-CRITICAL **: unable to create file
'/run/user/32011/dconf/user': Permission denied. dconf will not work
properly.
(process:22298): dconf-CRITICAL **: unable to create file
'/run/user/32011/dconf/user': Permission denied. dconf will not work
properly.
(process:22298): dconf-CRITICAL **: unable to create file
'/run/user/32011/dconf/user': Permission denied. dconf will not work
properly.
Ideally, our core apps should have correct apparmor profiles applied, and thus the app should not generate denials for things that are not allowed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-calendar-app/+bug/1289540/+subscriptions
Follow ups
References