Light Display Manager

  1. Bug #1442609
  2. Comment #4

Comment 4 for bug 1442609

Revision history for this message
LaƩrcio de Sousa (lbssousa) wrote : Re: Guest session can't read "/proc/net/dev" and/or "/proc/*/net/dev"

Robert,

This is a sample of my /var/log/kern.log messages regarding xfce4-netload-plugin attempts to read network traffic:

Apr 9 14:46:34 localhost kernel: [ 786.952187] audit: type=1400 audit(1428601594.953:805): apparmor="DENIED" operation="open" profile="/usr/lib/lightdm/lightdm-guest-session" name="/proc/23556/net/dev" pid=23556 comm="panel-2-netload" requested_mask="r" denied_mask="r" fsuid=129 ouid=0

In the example above, PID 23556 belongs to command "/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-1.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnetload.so (...)"

In my experiments with apparmor profile for lightdm-guest-session, I've found that just granting read access to /proc/[0-9]*/net/dev is enough.