ibus_bus_init does an unconditional call to chmod on $HOME/.config/ibus/bus
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ibus |
Fix Released
|
Unknown
|
|||
ibus (Ubuntu) |
Fix Released
|
Low
|
Olivier Tilloy | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
This was spotted by jdstrand when running the chromium snap, which recently enabled ibus support (https:/
audit[16919]: AVC apparmor="DENIED" operation="chmod" profile=
The code that calls chmod is in ibus_bus_init:
static void
ibus_bus_init (IBusBus *bus)
{
gchar *path;
[…]
path = g_path_get_dirname (ibus_get_
g_mkdir_
g_chmod (path, 0700);
[…]
}
This is rather harmless, but it could be avoided by checking first the file mode bits on that directory, and do the g_chmod call only if ≠ 0700.
[Impact]
Snaps that build on a xenial stack against libibus will trigger that apparmor denial, and even if actually harmless this will no doubt be reported as a problem by users who inspect the denials generated by their snaps.
The patch (that is already upstream: https:/
[Test Case]
Install the chromium snap from the stable channel (version 65.0.3325.181, revision 274 as of this writing), and monitor the system journal for apparmor denials while launching it:
journalctl -f | grep chmod
Observe a denial similar to that one:
audit[16919]: AVC apparmor="DENIED" operation="chmod" profile=
Now rebuild the chromium snap with the patched libibus (this can be done by downloading the .snap file, unpacking it with unsquashfs, replacing the libibus files by unpacking the updated deb, then repacking the snap with `snapcraft pack`), install it and launch it while monitoring the system journal.
Observe the denial on chmod is gone.
[Regression Potential]
This is a low-risk, self-contained change. It doesn't change the logic of ibus_bus_init.
ibus input still working in apps (both debs and snaps) should be enough to prove that there are no regressions.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: ibus 1.5.17-3ubuntu1
ProcVersionSign
Uname: Linux 4.15.0-13-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.9-0ubuntu2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Apr 5 21:55:30 2018
EcryptfsInUse: Yes
InstallationDate: Installed on 2016-07-02 (642 days ago)
InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
SourcePackage: ibus
UpgradeStatus: Upgraded to bionic on 2018-01-29 (66 days ago)
Changed in ibus (Ubuntu): | |
status: | In Progress → Fix Committed |
description: | updated |
Changed in ibus: | |
status: | Unknown → Fix Released |
Some context:
<jdstrand> oSoMoN: perhaps there is an unconditional chmod in the ibus libs. I would argue that should be fixed to only chmod if it isn't what it expects. that would be something for SRU and then anything using the desktop launcher won't be affected by it
<jdstrand> oSoMoN: as it stands, it sounds like if the lib is doing that, *every* snap that uses the part will trigger this denial, which will lead to confused users
<oSoMoN> jdstrand, that denial is harmless though, isn't it?
<jdstrand> oSoMoN: it doesn't seem to affect the snap no. however, there will be bug reports where people think it is causing trouble and people will have to constantly refute that it isn't an issue