Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Learn More

Excessive apparmor log entries on Ubuntu platform

  • 3 respostas
  • 2 têm este problema
  • 937 visualizações
  • Última resposta por scoobienator

more options

OS version: Ubuntu 22.04.1 LTS (jammy), 64-bit (amd64, x86_64). Firefox version: 110.0 (64-bit) (NOTE: the issue was noticed with version 109.0, too)

Firefox package was installed on Ubuntu through 'APT', using the Mozilla Team repository (https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu/). It caught my attention that an excessive amount of Firefox related 'DENIED' AppArmor log messages is generated during the browser activity.

According to messages, Firefox is occasionally denied read access to '/sys/devices/' area and read/write access to 'oom_score_adj' target in '/proc/'. Could somebody clarify why would that access be required for regular browser operations? I'm a bit puzzled as I haven't noticed anything similar with the older Ubuntu and Firefox versions. A complete suppression of those messages is also an option as long as there's no negative impact on application's performance.

I already posted this question to Ubuntu forum but seems like nobody there could provide an explanation. I'd appreciate any input or hint.

Following is the sample of referred log messages:

---SNIP--- [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.813:39): apparmor="DENIED" operation="capable" profile="firefox" pid=2231 comm="firefox" capability=21 capname="sys_admin"

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:40): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:41): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:42): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:43): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:44): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:45): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:46): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

[Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:47): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 . . . . . . [Fri Feb 24 19:16:22 2023] audit: type=1400 audit(1674000983.040:56): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000

[Fri Feb 24 19:16:35 2023] audit: type=1400 audit(1674000995.296:57): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000

[Fri Feb 24 19:16:39 2023] audit: type=1400 audit(1674000999.280:58): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000

[Fri Feb 24 19:16:41 2023] audit: type=1400 audit(1674001001.768:59): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2455/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000

[Fri Feb 24 19:16:41 2023] audit: type=1400 audit(1674001001.768:60): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2458/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 ---SNIP---

OS version: Ubuntu 22.04.1 LTS (jammy), 64-bit (amd64, x86_64). Firefox version: 110.0 (64-bit) (NOTE: the issue was noticed with version 109.0, too) Firefox package was installed on Ubuntu through 'APT', using the Mozilla Team repository (https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu/). It caught my attention that an excessive amount of Firefox related 'DENIED' AppArmor log messages is generated during the browser activity. According to messages, Firefox is occasionally denied read access to '/sys/devices/' area and read/write access to 'oom_score_adj' target in '/proc/'. Could somebody clarify why would that access be required for regular browser operations? I'm a bit puzzled as I haven't noticed anything similar with the older Ubuntu and Firefox versions. A complete suppression of those messages is also an option as long as there's no negative impact on application's performance. I already posted this question to Ubuntu forum but seems like nobody there could provide an explanation. I'd appreciate any input or hint. Following is the sample of referred log messages: ---SNIP--- [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.813:39): apparmor="DENIED" operation="capable" profile="firefox" pid=2231 comm="firefox" capability=21 capname="sys_admin" [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:40): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:41): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:42): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.877:43): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:44): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:45): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:46): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/revision" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 [Fri Feb 24 19:14:50 2023] audit: type=1400 audit(1674000890.885:47): apparmor="DENIED" operation="open" profile="firefox" name="/sys/devices/pci0000:00/0000:00:02.0/config" pid=2235 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 . . . . . . [Fri Feb 24 19:16:22 2023] audit: type=1400 audit(1674000983.040:56): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 [Fri Feb 24 19:16:35 2023] audit: type=1400 audit(1674000995.296:57): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 [Fri Feb 24 19:16:39 2023] audit: type=1400 audit(1674000999.280:58): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2347/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 [Fri Feb 24 19:16:41 2023] audit: type=1400 audit(1674001001.768:59): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2455/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 [Fri Feb 24 19:16:41 2023] audit: type=1400 audit(1674001001.768:60): apparmor="DENIED" operation="open" profile="firefox" name="/proc/2458/oom_score_adj" pid=2231 comm="firefox" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 ---SNIP---

Modificado por scoobienator a

Solução escolhida

You can try Firefox from the official Mozilla server if you currently use a version from the repositories of your Linux distribution to see if it behaves differently.

Ler esta resposta no contexto 👍 1

Todas as respostas (3)

more options

Solução escolhida

You can try Firefox from the official Mozilla server if you currently use a version from the repositories of your Linux distribution to see if it behaves differently.

more options

Thanks, cor-el! Yes, the version you suggested runs clean without any excessive log messages. The version from Mozilla Team repository seem to be having something specific in its build that triggers this logging issue.

Regards,

Alex

more options

Just for the info...The logging issue seems to be related strictly to 'apparmor' facility. The version downloaded from Mozilla server runs from my home directory and doesn't have an 'apparmor' profile as the package installed from the linux repository. Hence no excessive logs...