[Pkg-anonymity-tools] Bug#783922: [torbrowser-launcher] Newest TBB does not start with provided AppArmor profile in enforce mode
ricola
ricola at poivron.org
Sun May 24 15:28:39 UTC 2015
Package: torbrowser-launcher
Version: 0.2.0-1
--- Please enter the report below this line. ---
I've got some more similar incidents to report. They seem to be
complementary to this one so I'm not opening a new bug report. Tell me
if I should.
The first AppArmor error I get when starting torbrowser-launcher is:
Latest version of TBB is installed, launching
Traceback (most recent call last):
File "/usr/bin/torbrowser-launcher", line 30, in <module>
torbrowser_launcher.main()
File
"/usr/lib/python2.7/dist-packages/torbrowser_launcher/__init__.py", line
69, in main
app = Launcher(common, url_list)
File
"/usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py", line
117, in __init__
self.start_launcher()
File
"/usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py", line
151, in start_launcher
self.run(False)
File
"/usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py", line
634, in run
subprocess.call([self.common.paths['tbb']['start']],
cwd=self.common.paths['tbb']['dir_tbb'])
File "/usr/lib/python2.7/subprocess.py", line 522, in call
return Popen(*popenargs, **kwargs).wait()
File "/usr/lib/python2.7/subprocess.py", line 710, in __init__
errread, errwrite)
File "/usr/lib/python2.7/subprocess.py", line 1335, in _execute_child
raise child_exception
OSError: [Errno 13] Permission denied
And in /var/log/kern.log:
May 24 17:07:29 localhost kernel: [ 5454.060742] audit: type=1400
audit(1432480049.538:89): apparmor="DENIED" operation="exec"
profile="/usr/bin/torbrowser-launcher"
name="/home/ricola/.local/share/torbrowser/tbb/i686/tor-browser_en-US/start-tor-browser.desktop"
pid=10435 comm="torbrowser-laun" requested_mask="x" denied_mask="x"
fsuid=1000 ouid=1000
If I disable /etc/apparmor.d/usr.bin.torbrowser-launcher, I get:
Latest version of TBB is installed, launching
Launching './Browser/start-tor-browser --detach'...
/usr/bin/env: bash: Permission denied
And in /var/log/kern.log:
May 24 17:19:26 localhost kernel: [ 6171.305631] audit: type=1400
audit(1432480766.782:122): apparmor="DENIED" operation="exec"
profile="/home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}start-tor-browser"
name="/bin/bash" pid=11025 comm="start-tor-brows" requested_mask="x"
denied_mask="x" fsuid=1000 ouid=0
Then, if I disable /etc/apparmor.d/torbrowser.start-tor-browser:
Latest version of TBB is installed, launching
Launching './Browser/start-tor-browser --detach'...
And in /var/log/kern.log:
May 24 17:11:31 localhost kernel: [ 5696.068610] audit: type=1400
audit(1432480291.544:99): apparmor="DENIED" operation="file_mmap"
profile="/home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox"
name="/home/ricola/.local/share/torbrowser/tbb/i686/tor-browser_en-US/Browser/TorBrowser/Tor/libstdc++.so.6"
pid=10523 comm="firefox" requested_mask="m" denied_mask="m" fsuid=1000
ouid=1000
Then again, if I disable /etc/apparmor.d/torbrowser.Browser.firefox, Tor
Browser starts and I can use it but before opening the following
(apparently harmless) error message appears in a dialog:
"An error occurred while loading or saving configuration information for
firefox. Some of your configuration settings may not work properly."
--- System information. ---
Architecture: i386
Kernel: Linux 3.16.0-4-686-pae
Debian Release: 8.0
990 stable security.debian.org
990 stable ftp.us.debian.org
500 unstable ftp.us.debian.org
500 testing ftp.us.debian.org
500 stable-updates ftp.us.debian.org
100 jessie-backports ftp.us.debian.org
--- Package information. ---
Package's Depends field is empty.
Package's Recommends field is empty.
Package's Suggests field is empty.
More information about the Pkg-anonymity-tools
mailing list