[Pkg-privacy-maintainers] Bug#874383: torbrowser-launcher: AppArmor failures
intrigeri
intrigeri at debian.org
Fri Sep 8 06:48:41 UTC 2017
Control: tag -1 + moreinfo
Hi gregor,
gregor herrmann:
> This doesn't seem to be enough, the syslog is full of:
> Sep 5 18:21:18 jadzia kernel: [848718.105570] audit: type=1400
> audit(1504628478.309:7268): apparmor="DENIED" operation="mknod"
> profile="/home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox"
> name="/run/shm/org.chromium.Ob3qhH" pid=19088 comm=57656220436F6E74656E74
> requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
> [...]
> and loading any page just hangs.
Ouch! On my system (sid, systemd) /run/shm is a symlink to /dev/shm,
so "owner /dev/shm/org.chromium.* rw," is enough. I suspect that:
> Init: sysvinit (via /sbin/init)
… explains why these things are setup differently on your system.
I admit I've not tested anything on sysvinit for ages.
Can you please try replacing:
owner /dev/shm/org.chromium.* rw,
with:
owner /{dev,run}/shm/org.chromium.* rw,
… and then `sudo apparmor_parser -r /etc/apparmor.d/torbrowser.Browser.firefox'
and retry?
If that works better for you, then I'll submit a pull request upstream
about this (and will ask my team-mates who actively maintain
torbrowser-launcher to consider applying the patch in Debian without
waiting for a new upstream release).
Cheers,
--
intrigeri
More information about the Pkg-privacy-maintainers
mailing list