Hi Gerard Brave does not work currently because we only added support to Chromium, Firefox and Opera as you can see in the current snap_browsers abstraction [1]. I'm adding Brave support as well [2]. While that change is not applied to the apparmor package, as a workaround, you could apply the same changes from [2] in /etc/apparmor.d/abstractions/snap_browsers and reload the evince profile sudo apparmor_parser -r /etc/apparmor.d/usr.bin.evince
In regards to #include, it is not commented out. The apparmor policy allows the "include" keyword to be preceded by # or not. That said, #include is now being deprecated due to this exact confusion and we recommend using it without #. [1] https://gitlab.com/apparmor/apparmor/-/blob/31c9cf6845cb78cca59a753d7c5b27312d579be8/profiles/apparmor.d/abstractions/snap_browsers [2] https://gitlab.com/apparmor/apparmor/-/merge_requests/1137 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1794064 Title: Clicking a hyperlink in a PDF fails to open it if the default browser is a snap Status in apparmor package in Ubuntu: Fix Released Status in evince package in Ubuntu: Fix Released Status in apparmor source package in Jammy: Fix Released Status in evince source package in Jammy: Fix Released Status in apparmor source package in Lunar: Fix Released Status in evince source package in Lunar: Fix Released Status in apparmor package in Debian: Fix Released Status in evince package in Debian: Confirmed Bug description: [Impact] * Users cannot open a hyperlink in a PDF opened with evince when the default browser is a snap. * The fix creates a snap_browsers abstraction on AppArmor which can be used in a transition for when the browser is executed. The snap_browsers abstraction provides the minimal amount of permissions required to execute a browser provided through snaps. This is a workaround since AppArmor currently does not provide mediation/filtering on enhanced environment variables. [Test Plan] * Make sure the default browser is provided through the snap store. * Open a PDF that contains a hyperlink using evince and click on the URL. * The browser should open the requested URL. [Where problems could occur] * If the browser or snap core update to have new requirements for opening a browser, then the current policy could become obsolete and will need to be updated again. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1794064/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
