[apparmor] Clickable links in aa-sandbox
Jamie Strandboge
jamie at canonical.com
Tue Aug 28 14:07:24 UTC 2012
On Mon, 2012-08-27 at 11:54 -0400, Michael Hall wrote:
> I've been testing aa-sandbox using my hello-unity[1] app, and most
> everything runs fine once I figured out the right abstractions[2] to
> use. But the window contains a GtkLabel with an embedded hyperlink, and
> clicking on the link doesn't open the URL in the browser like it does
> outside of aa-sandbox. When I close the app, I see the following error
> printed to the terminal:
>
> (hello-unity:22818): Gtk-WARNING **: Unable to show
> 'http://developer.ubuntu.com/resources/technologies/unity/': Failed to
> execute child process "/usr/bin/chromium-browser" (No such file or
> directory)
>
> I've tried it without the -X and --with-xserver=xpra3d, but the link
> still doesn't work.
>
>
> [1] https://launchpad.net/hello-unity
> [2] ./aa-sandbox --templates-dir=`pwd`/easyprof/templates -a
> python,gnome,ubuntu-browsers,xdg-desktop,freedesktop.org -X
> --with-xserver=xpra3d /usr/bin/hello-unity
You need the ubuntu-helpers abstraction too. This is what provides the
'sanitized_helper' that is used by ubuntu-browsers. Unfortunately, we
can't just include ubuntu-helpers in the ubuntu-browsers abstraction for
various reasons related to packaging in Ubuntu.
FYI, I made a change to the sandbox-x template. It is now designed
specifically for use with the -X argument. For testing desktop
applications without using '-X', you'll want to create a new template:
$ cd ./utils
$ sed 's#audit deny @{HOME}/.Xauthority mrwlk,##' ./easyprof/templates/sandbox-x > ~/sandbox-gui
$ ./aa-sandbox -t ~/sandbox-gui -a python,gnome,ubuntu-browsers,ubuntu-helpers /usr/bin/hello-unity
More information about the AppArmor
mailing list