AppArmor

Latest firefox update broken when used with the stock apparmor profile

Bug #1660566 reported by Me
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
AppArmor
New
Undecided
Unassigned

Bug Description

Got a firefox update through APT on ubuntu 16.04.1LTS a few days ago that break when the stock apparmor firefox profile is in force. Disabling the profile fixes firefox.

The problem experienced with firefox when the apparmor profile is in force is that all webpages show a blank white page.

Firefox version : 51.0.1+build2-0ubuntu0.16.04.1
Apparmor version : 2.10.95-0ubuntu2.5

Here a few kern.log entries related to apparmor/firefox:

Jan 31 10:07:49 kernel: [ 4052.593836] audit: type=1400 audit(1485853669.423:666): apparmor="DENIED" operation="open" profile="/usr/lib
/firefox/firefox{,*[^s][^h]}" name="/proc/16493/net/arp" pid=16504 comm=4C696E6B204D6F6E69746F72 requested_mask="r" denied_mask="r" fsuid=10
00 ouid=0

Jan 31 10:14:35 kernel: [ 4458.649758] audit: type=1400 audit(1485854075.480:1035): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.2MXFVG" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:35 nova kernel: [ 4458.650467] audit: type=1400 audit(1485854075.480:1036): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.2tFFb5" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.610800] audit: type=1400 audit(1485854077.440:1037): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.buEkzy" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.611175] audit: type=1400 audit(1485854077.440:1038): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.8FJ3W1" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.611440] audit: type=1400 audit(1485854077.440:1039): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.ASnPkv" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.673520] audit: type=1400 audit(1485854077.504:1040): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.zeDESY" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.673836] audit: type=1400 audit(1485854077.504:1041): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.DZaxqs" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.674247] audit: type=1400 audit(1485854077.504:1042): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.i22tYV" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Jan 31 10:14:37 kernel: [ 4460.678705] audit: type=1400 audit(1485854077.508:1043): apparmor="DENIED" operation="mknod" profile="/usr/lib/firefox/firefox{,*[^s][^h]}" name="/dev/shm/org.chromium.xIg9wp" pid=16597 comm=57656220436F6E74656E74 requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000

Tyler Hicks (tyhicks)
information type: Private Security → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.