** Also affects: lightdm (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1922414
Title:
ssh-agent fails to start (has_option: command
Public bug reported:
This concerns cups-browsed 1.28.15-0ubuntu1.2 in Ubuntu jammy.
Saw this in syslog:
Jul 18 01:14:48 testvm kernel: [ 3230.340733] audit: type=1400
audit(1689657288.599:68): apparmor="DENIED" operation="capable"
profile="/usr/sbin/cups-browsed" pid=30693 comm="cups-browsed"
ca
Reopening this issue as I am still observing the net_admin denial in
jammy.
** Changed in: cups (Ubuntu)
Status: Expired => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/
Public bug reported:
I am seeing this on Ubuntu noble with polkitd 123-3.
After debootstrap'ing a minimal system, I run
# apt-get install linux-generic
which pulls in polkitd as a dependency. In the output, I see the
following:
Setting up polkitd (123-3) ...
Creating group 'polkitd
Same here:
Setting up rhythmbox-plugins (3.4.7-2ubuntu2) ...
/usr/lib/x86_64-linux-gnu/rhythmbox/plugins/lyrics/AstrawebParser.py:64:
SyntaxWarning: invalid escape sequence '\/'
url = re.split('(\/display[^"]*)', entry)[1]
/usr/lib/x86_64-linux-gnu/rhythmbox/plugins/lyrics/AstrawebParser.py:66:
Hi Sam,
The popup is "needed" because special permission is required to "create
a color managed device." This is typically relevant to fancy color-
corrected computer displays and the like. The problem is that when you
are logging in via a remote connection like VNC or RDP, there is no
directly-co
I will point out that the postgresql package is part of Ubuntu main,
whereas xscreensaver is in Ubuntu universe. The distinctions between
these components of the repository are described at
https://help.ubuntu.com/community/Repositories/Ubuntu
Universe is "Community maintained software, i.e.
Public bug reported:
This bug report concerns chromium-browser version
43.0.2357.81-0ubuntu0.14.04.1.1089 in Ubuntu Trusty.
Previously, this system had 41.0.2272.76-0ubuntu0.14.04.1.1076
installed, and it worked correctly. Now, after an update, the browser
crashes immediately upon startup with a
Correction: I have a .crash file, but cannot find what invocation of
apport-{bug,cli} will attach it to an existing bug report.
The crash in question may be found in the Ubuntu Error Tracker at
https://errors.ubuntu.com/problem/70617e44460c73fcc19361b37a0b38c02af9090e
--
You received this bug n
*** This bug is a duplicate of bug 1471645 ***
https://bugs.launchpad.net/bugs/1471645
I have configured apport to submit crash traces to Launchpad and have
filed a new report that way.
** This bug has been marked a duplicate of private bug 1471645
--
You received this bug notification beca
The crash is due to AppArmor. Adding the following to the profile for
/usr/lib/chromium-browser/chromium-browser gets things working again:
capability sys_admin,
capability sys_chroot,
owner @{PROC}/[0-9]*/setgroups w,
owner @{PROC}/[0-9]*/gid_map w,
owner @{PROC}/[0-9]*/uid_m
This appears to be fixed as of Ubuntu Quantal. Could you give it a try?
Marking as "Fix Released" for now; please change back to "Confirmed" if
you still see it.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to flashplugin-nonfree in Ubun
Public bug reported:
This concerns gnome-keyring 3.6.1-0ubuntu1 in Ubuntu Quantal.
Normally, I invoke ssh-add(1) manually after logging in. I add a number
of identities, and then connect to other hosts using those identities.
This worked correctly in Ubuntu Oneiric.
Now, with a new Quantal insta
Public bug reported:
This report concerns gvfs-daemons 1.14.0-0ubuntu6 in Ubuntu Quantal.
I log out from an Xfce desktop session, and the process table shows a
gvfsd-process is still running. If I log in again, and log out again,
two processes. Log in/out again, three processes. And so on.
** Af
Jorge: Check in the upstream bugzilla to see if someone's already filed
a bug, but if not, then go for it. Very few Ubuntu package maintainers
take the initiative to file upstream bugs themselves.
If you do file a bug upstream, or a report already exists, please link
it here!
(As a possible worka
Public bug reported:
Saw this while installing TeX on Ubuntu Saucy:
Setting up texlive-base (2013.20130722-1) ...
mktexlsr: Updating /var/lib/texmf/ls-R-TEXLIVEDIST...
mktexlsr: Updating /var/lib/texmf/ls-R-TEXMFMAIN...
mktexlsr: Updating /var/lib/texmf/ls-R...
mktexlsr: Do
It's not clear that the chromium-browser package maintainers are
willing/interested in taking on the profile. As it is, this has been
almost entirely Jamie Strandboge's show, and he's a security guy, not a
Chromium dev.
That said, i do wonder why the profile doesn't exist in Ubuntu's
apparmor Baza
Walter,
adobe-flashplugin is only available in the Canonical "partner"
repository, which is not enabled per default, and should not be required
to install Adobe Flash. The flashplugin-installer package is still very
much needed as a solution that can reside within the regular Ubuntu
repositories.
Christopher,
This wishlist item is properly implemented in a system script
(/etc/X11/Xsession.d/90x11-common_ssh-agent) authored and provided by
Debian/Ubuntu, not by Xorg upstream. The file path in the source tree is
xorg-7.6+12ubuntu2/debian/local/Xsession.d/90x11-common_ssh-agent
(as o
Christopher,
Let me rephrase what I said: This wishlist item properly belongs in
90x11-common_ssh-agent; it has yet to be implemented.
That GNOME discussion from six years ago is not relevant here. Fedora
may be doing something like what is described in that thread, but
Debian/Ubuntu are not.
If
Christopher: thanks.
Upstream patching isn't really applicable here, because the script in
question is distribution-specific session-setup code.
As for demo code, here's a tidbit to get the ball rolling:
if [ -n "$XDG_RUNTIME_DIR" -a -d "$XDG_RUNTIME_DIR" ]; then
SSHAGENTARGS+="-a $XDG
The IPP-version patch does not appear to (fully) fix the problem.
I'm testing a build of 1.6.1-2 on Quantal. It works if I specify the
server hostname (with version directive) on the command line, but not if
I specify same via the CUPS_SERVER environment variable or
/etc/cups/client.conf:
$ l
Ah, I see upstream just released 1.6.2. Will try it once it hits Raring.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1069671
Title:
no print queues displayed in pure client mode
Stat
Public bug reported:
This concerns evince 3.6.1-1ubuntu3 in Ubuntu raring.
I have a PDF form in which a couple of fields are multi-option drop-down
widgets, e.g.
Title:
[ Select one ]
Mr.
Ms.
Mrs.
The field is initially set to "[ Select one ]", and I am supposed to
select one of
** Bug watch added: GNOME Bug Tracker #703145
https://bugzilla.gnome.org/show_bug.cgi?id=703145
** Also affects: evince via
https://bugzilla.gnome.org/show_bug.cgi?id=703145
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Desk
I've tested 1.6.2 in a Quantal install, and confirmed that appending
"/version=1.1" to ServerName in /etc/cups/client.conf works as intended.
The new option still needs to be documented, and I've filed a Debian bug
to this end:
http://bugs.debian.org/704238
I'd also note that when the client
Actually, lightdm-gtk-greeter. This is in conjunction with Openbox, so
no unity-greeter.
** Package changed: unity-greeter (Ubuntu) => lightdm (Ubuntu)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launc
(Meant to reassign to lightdm-gtk-greeter, but that's a binary package
with lightdm as its source, so back to the latter it went)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/932543
T
Thanks, I missed this in reviewing the code.
Could you add a clarification in the sample lightdm.conf that options
are allowed, and that [the standard X.org] server options are appended
to this command? It's easy to read xserver-command as specifying either
just the server program name/path, or th
Public bug reported:
Saw this while installing a slew of X11 packages:
[...]
Setting up libgtk-3-0 (3.2.0-0ubuntu4) ...
Setting up libgtk-3-bin (3.2.0-0ubuntu4) ...
Setting up librsvg2-common (2.34.1-2) ...
/var/lib/dpkg/info/librsvg2-common:i386.postinst: 15: cannot create
/usr/lib/i386-linux-g
Public bug reported:
I have LightDM 1.0.6-0ubuntu1.2 installed on a minimal Oneiric system.
There is a /etc/lightdm/lightdm-gtk-greeter-ubuntu.conf file, containing
the following:
[greeter]
background=/usr/share/backgrounds/warty-final-ubuntu.png
The named background file does not exist.
Public bug reported:
I am using LightDM 1.0.6-0ubuntu1.2 on a minimal Oneiric graphical
system.
The menu under the power-symbol button at the top-right corner of the
greeter screen comes up empty when I click it. There are no
Restart/Shutdown/Suspend/Hibernate/etc. items under there, none at all.
Public bug reported:
I am using LightDM 1.0.6-0ubuntu1.2 on Oneiric.
I would like to pass the "-logdir /path/to/file" option to the X server.
In the old days, I would edit a file like /etc/X11/Xserver and add the
option in there. LightDM, however, constructs the X server invocation in
C code, spe
Laying this one to rest. Thank you Mozilla dev team.
** Changed in: firefox (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/585061
Title:
For what it's worth, if the password on a keyring is set to the empty
string---something you can do with seahorse---the keyring will be stored
on disk as a plain-text file. The INI-style format leaves a lot to be
desired, but at least it's a way to do export and import with gnome-
keyring. Other pa
Public bug reported:
This concerns lightdm 1.0.6-0ubuntu1.2 in Ubuntu Oneiric.
I am using LightDM as part of a stock Xubuntu install. The "High
Contrast" style option (in the menu activated by clicking the second-
from-the-right icon in the top-right corner) works, but "Large Font"
does not.
**
Public bug reported:
This concerns lightdm 1.0.6-0ubuntu1.2 in Ubuntu Oneiric.
I am using LightDM as part of a stock Xubuntu install. The "Restart" and
"Shutdown" actions from the icon at the top-right corner do nothing. (I
have not tested "Suspend" and "Hibernate".)
No useful information appear
Can you tell who marked those bugs as duplicates? If it wasn't Robert
Ancell, they could probably be unmarked. There's a possibility the same
codepath is involved in being at the greeter vs. in a session, but he's
likely the only person active here who would know for sure.
--
You received this bu
Oliver and Ćukasz, thank you for following this up.
So that I understand, in focal, is the fix part of the transitional
package, not in the snap?
The former is described as "This is a transitional dummy package. It can
safely be removed," but would removing it then remove Chromium as an x
-www-br
Public bug reported:
This concerns system-config-printer 1.5.12-0ubuntu1 in Ubuntu focal.
I log into the Xfce desktop, and then logout. The screen returns to the
LightDM login screen.
A few minutes later, "loginctl list-sessions" shows the following:
SESSION UID USERSEAT TTY
Public bug reported:
This concerns at-spi2-core 2.36.0-2 in Ubuntu focal.
I log into the Xfce desktop as "skunk" via xrdp, and then logout.
A few minutes later, "loginctl list-sessions" shows the following:
SESSION UID USER SEAT TTY
9 0 root
c10 1000 skunk
This bug has LP: 1871726 as a quasi-parent.
Those two processes shown in session-status are deceptive; ps(1) shows a
much larger number of processes still remaining from the login session.
When the two processes go away, however, all the others follow. The
impact of this issue, then, is not limite
This bug has LP: 1871726 as a quasi-parent.
That one system-config-printer process shown in session-status is
deceptive; ps(1) shows a much larger number of processes still remaining
from the login session. When the s-c-p process goes away, however, all
the others follow. The impact of this issue,
Public bug reported:
This concerns onboard 1.4.1-2ubuntu7 in Ubuntu focal.
Seen during package installation:
[...]
Setting up onboard (1.4.1-2ubuntu7) ...
/usr/lib/python3/dist-packages/Onboard/LayoutLoaderSVG.py:447: SyntaxWarning:
'str' object is not callable; perhaps you missed a comma?
ra
This issue persists in lightdm 1.30.0-0ubuntu3.1 in Ubuntu focal.
I see the warnings not only for pam_kwallet.so, but also its successor
pam_kwallet5.so, as well as pam_gnome_keyring.so (which I do not have
installed). All three of these are referenced in /etc/pam.d/lightdm and
/etc/pam.d/lightdm-
This bug was reported three years ago in Debian:
https://bugs.debian.org/863227
** Bug watch added: Debian Bug tracker #863227
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863227
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed
Aaaand the upstream has decided they can't/won't fix this issue.
One thing that bothers me about this whole situation is that, in order
for background services like this one to be cleaned up after logout,
they need to behave "correctly." From my point of view, this is
backwards.
When the system i
Public bug reported:
This concerns colord 1.4.4-2 in Ubuntu focal. (xiccd 0.3.0-1 may also be
relevant.)
I log into the Xfce desktop environment, and immediately see an
"Authenticate" window pop up:
Authentication is required to create a color managed device
Password for root:
Public bug reported:
This concerns geoclue-2.0 2.5.6-0ubuntu1 in Ubuntu focal.
I am using the Xfce desktop. When a user logs in, a
/usr/libexec/geoclue-2.0/demos/agent process is started.
However, when the user logs out, and the associated "systemd --user"
instance is killed, the geoclue process
Note: My use case involves logging into the desktop remotely, via XRDP.
This issue appears to affect other remote-login implementations as well.
Related:
https://github.com/TurboVNC/turbovnc/issues/47
https://bugzilla.redhat.com/show_bug.cgi?id=1149893
https://gitlab.gnome.org/GNOME/gnome-setti
Public bug reported:
This concerns gnome-session-bin 3.36.0-2ubuntu1 in Ubuntu focal.
When I log into a Xubuntu desktop via xrdp, an error occurs, and the
session terminates before the desktop is even drawn on the screen.
I looked in syslog, and saw this:
Apr 9 12:12:23 test-ubuntu64 syste
Autologin is not in use. The only unusual aspect of this login is that
it is via xrdp, and because no argument is passed to the initial
/etc/X11/Xsession invocation, it uses the default x-session-manager ->
gnome-session . If the user logs in via the console, xfce4-session is
used instead, masking
I'm not sure that this new title is accurate, as the error condition is
brought about specifically by an unusual (albeit legal) way of starting
the X session. My scenario involved xrdp, but I could see this happening
with an older display manager (xdm?) that does not recognize XDG
xsession files.
Public bug reported:
This concern chromium 80.0.3987.162 (snap package) in Ubuntu focal.
After installing the package, update-alternatives(1) cannot set x-www-
browser to point to /usr/bin/chromium-browser:
# update-alternatives --set x-www-browser /usr/bin/chromium-browser
update-altern
Public bug reported:
This concerns lightdm 1.18.1-0ubuntu1 in Xenial.
The /lib/systemd/system/lightdm.service file lacks an [Install] clause.
Meaning, that if you do
# systemctl disable display-manager
to prevent LightDM from starting, running
# systemctl enable lightdm
does not resto
This whole systemd thing is new to me, and I can't say I'm terribly
enamored of it, so I'm not the best person to ask. But by way of
example, I'll point out what a couple other .service files do:
/lib/systemd/system/rsyslog.service:
[Install]
WantedBy=multi-user.target
Alias=syslog.s
Maybe make display-manager.service into an actual service file (rather
than a symlink), and have that start whatever /etc/X11/default-display-
manager points to?
What I want is to be able to disable and then re-enable the display
manager starting on boot using similar administrative commands, like
Chromium continues to fail on Xenial with the title error message when
the currently-shipped AppArmor profile is enforced.
I've updated my profile adjustments to address some new issues that have
cropped up in recent builds of Chromium.
Everyone who wants to get things working again, please add t
Spurious dialog observed in remote X session on Xenial install with
accountservice 0.6.40-2ubuntu10.
Enabled xenial-proposed, installed accountservice 0.6.40-2ubuntu11, and
the dialog no longer appears.
I wasn't seeing this problem as badly as some other folks here, but for
my use case, the propo
This issue is no longer observable in a standard console X11 login on
Xenial.
There is still an issue with GVFS daemons hanging around after an XFCE
session that was launched from a terminal (as in a remote X11 session),
but that is actually due to dbus-launch not being killed at the end of
the se
Chad, what is the intended purpose of that command? Because it's
mistranscribed:
$ dpkg -S $(grep -l /etc/apparmor.d/*)
grep: /etc/apparmor.d/apache2.d: Is a directory
grep: /etc/apparmor.d/cache: Is a directory
grep: /etc/apparmor.d/disable: Is a directory
grep: /etc/apparmor.
** Changed in: apparmor (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1471645
Title:
[trusty] [regression] chromium-browser c
For the record, Firefox 61 very much does continue to make use of
/proc//smaps (and /proc//statm) when using the about:memory
page.
I confirmed this by experimentally commenting out the AppArmor rules for
those two /proc files (motivated by comment #3 above), and subsequently
observed AppA
I think we could really use some kind of conditional construct (IF ...
THEN ...) in AppArmor syntax. Everything being talking about here
should, ideally, be adjustable using tunables. With a debconf
configuration option, even.
Between users who want strict access control to user files, and users
w
Does this issue still occur with Firefox 60 or later? I am unable to
reproduce it on 18.04/bionic.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/885211
Title:
firefox generates appar
The current Firefox AppArmor profile includes the "openssl" abstraction,
which allows access to /etc/ssl/openssl.cnf. This bug should no longer
be present in Ubuntu.
** Changed in: firefox (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a m
Has anyone observed any undesirable behavior from Firefox when access to
these mount-related DBus services is denied?
It's not clear to me why Firefox is even calling these in the first
place, and given that mounts can include NFS servers and the like, I'd
just as soon deny this access if there's
Hello Jean-Philippe, do you still see this issue if those AppArmor
permissions are commented out?
Are you using the fglrx driver?
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1553708
The Firefox AppArmor profile shipped in Ubuntu 18.04/bionic includes a
rule for /usr/share/distro-info/*.csv, so this should no longer be an
issue.
** Changed in: firefox (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Desktop
Package
The Firefox AppArmor profile shipped in Ubuntu 18.04/bionic includes
this rule, so this should no longer be an issue.
** Changed in: firefox (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed t
/etc/apparmor.d/abstractions/ubuntu-browsers.d/multimedia in Ubuntu
18.04/bionic contains the fix.
Marking the Firefox bug as Invalid, since the issue was fixed by
updating the AppArmor abstraction. (I.e. no change to the firefox
package was/is needed.)
** Changed in: firefox (Ubuntu)
Stat
Does this issue still arise with Firefox 60+? I've encountered various
DBus VFS-related denials with Firefox under AppArmor, but not this
particular one.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.laun
Hmmm, interesting!
I wouldn't hold out too long on giving the friendly tools smarts
vis-a-vis conditionals, since that kind of logic isn't necessarily
straightforward (i.e. can be hard/time-consuming to implement), it's not
necessary for power/paranoid users (we're happy resorting to a text
editor
I think we're going to need more information on how this plugin got in
there in the first place. Being able to map a library in a user-writable
directory doesn't sound terribly safe...
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firef
I see that /etc/apparmor.d/abstractions/gnome in Ubuntu 18.04/bionic has
this line...
owner @{HOME}/.config/gtk-3.0/* r,
...which covers the settings.ini file. So this should no longer be an
issue.
** Changed in: firefox (Ubuntu)
Status: New => Fix Released
--
You received thi
Bug persists in Ubuntu 18.04/bionic:
# ls /etc/cups
ls: cannot access '/etc/cups': No such file or directory
# apt-get install cups-client
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
cups-co
Arrgh... this is not a great way of working (malware could write to that
location and then load in code), but as it is what we've got, I've added
the rule to a forthcoming Firefox profile update.
Incidentally, Olivier, if you've got a line on who's responsible for the
Firefox profile there, it wou
Mathieu, thank you for the detailed explanation. Automatic editing of
/etc/hosts always struck me as a dicey proposition, and I'm glad to hear
it got axed.
For those users/admins who do want /etc/hosts to be updated with DHCP
info, it may be worthwhile to provide an example of such a dispatcher.d/
In 11.10, I'm no longer seeing usb-creator remount previously-removed
disks on startup.
I can't speak to the Nautilus behavior described in this bug, however,
as I've never observed it myself.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed
KillUserProcesses=yes is a sledgehammer of a solution. I would advise
just removing the geoclue package.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to geoclue-2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1871728
Title:
geoclue agen
Public bug reported:
This concern pipewire 0.3.48-1ubuntu1 in Ubuntu jammy.
I log into an installed system via ssh, and I see
skunk@darkstar:~$ ps auxww | grep skunk
root 13771 0.5 0.1 19772 12224 ?Ss 07:35 0:00 sshd: skunk
[priv]
skunk 13774 5.4 0.1 17160 9940 ?
*** This bug is a duplicate of bug 1949970 ***
https://bugs.launchpad.net/bugs/1949970
This appears to have been addressed in bug #1949970 by making use of a
feature of the PAM config. In /etc/pam.d/lightdm, I see e.g.
-authoptionalpam_gnome_keyring.so
-authoptional
Hi Wl-dustin,
Note that comment #26 has a more general fix (define has_option() in an
Xsession.d file if it's not already defined). There appear to be various
other X session scripts likewise neglecting to define it.
--
You received this bug notification because you are a member of Desktop
Packa
83 matches
Mail list logo
