ibus_bus_init does an unconditional call to chmod on $HOME/.config/ibus/bus #1996
Comments
|
Thank you for your report and patch. |
|
It wasn't fixed |
|
@Patatone the snap needs to be rebuilt against the updated ibus. Once this is done the denial will go away. |
|
I have Ubuntu 18.04 how can i rebuilt it? |
|
You don't need to rebuild it yourself. Just wait for the publisher of the snap (@kenvandine) to rebuild it, and you will get the update automatically. Note that the denial is harmless anyway, so no need to worry too much about it. |
|
I've rebuilt the GNOME platform snap that included ibus with the fix and released it to the stable channel. |
|
Thanks Ken! |
This issue was initially reported in ubuntu.
This was spotted by jdstrand when running the chromium snap, which recently enabled ibus support (https://forum.snapcraft.io/t/cant-use-input-method-in-snap-apps/4712/12):
audit[16919]: AVC apparmor="DENIED" operation="chmod" profile="snap.chromium.chromium" name="/home/osomon/.config/ibus/bus/" pid=16919 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
The code that calls chmod is in ibus_bus_init:
static void
ibus_bus_init (IBusBus *bus)
{
gchar *path;
[…]
path = g_path_get_dirname (ibus_get_socket_path ());
g_mkdir_with_parents (path, 0700);
g_chmod (path, 0700);
[…]
}
This could be avoided by checking first the file mode bits on that directory, and do the g_chmod call only if ≠ 0700.
The text was updated successfully, but these errors were encountered: