- Diselesaikan
- Diarkib
Excessive apparmor log entries on Ubuntu platform
OS version: Ubuntu 22.04.1 LTS (jammy), 64-bit (amd64, x86_64). Firefox version: 110.0 (64-bit) (NOTE: the issue was noticed with version 109.0, too) Firefox package wa… (ketahui selanjutnya)
OS version: Ubuntu 22.04.1 LTS (jammy), 64-bit (amd64, x86_64). Firefox version: 110.0 (64-bit) (NOTE: the issue was noticed with version 109.0, too)
Firefox package was installed on Ubuntu through 'APT', using the Mozilla Team repository (https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu/). It caught my attention that an excessive amount of Firefox related 'DENIED' AppArmor log messages is generated during the browser activity.
According to messages, Firefox is occasionally denied read access to '/sys/devices/' area and read/write access to 'oom_score_adj' target in '/proc/'. Could somebody clarify why would that access be required for regular browser operations? I'm a bit puzzled as I haven't noticed anything similar with the older Ubuntu and Firefox versions. A complete suppression of those messages is also an option as long as there's no negative impact on application's performance.
I already posted this question to Ubuntu forum but seems like nobody there could provide an explanation. I'd appreciate any input or hint.
Following is the sample of referred log messages:
---SNIP--- [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.813:39): apparmor="DENIED" operation="capable" profile="firefox" pid=2231 comm="firefox" capability=21 capname="sys_admin"
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:40): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:41): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:42): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:43): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:44): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:45): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:46): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:47): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 . . . . . . [Fri Feb 24 19:16:22 2023] audit: type=1400 audit(1674000983.040:56): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
[Fri Feb 24 19:16:35 2023] audit: type=1400 audit(1674000995.296:57): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
[Fri Feb 24 19:16:39 2023] audit: type=1400 audit(1674000999.280:58): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
[Fri Feb 24 19:16:41 2023] audit: type=1400 audit(1674001001.768:59): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2455/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
[Fri Feb 24 19:16:41 2023] audit: type=1400 audit(1674001001.768:60): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2458/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 ---SNIP---