Not quite sure of this is better in the security form because it deals with AppArmor, or here because it deals with software or the Linux Mint forum, so I rolled the dice and chose here first but if I am in error I apologize and please move it to the correct place.
I'm running Linux Mint Mate and I've had Chromium browser installed from the beginning. Everything worked fine for a long time but I recently updated to the newest version of Mint Mate and ever since the update whenever I open Chromium I get the popup alerts from app armor ... a lot of them. Very annoying.
My guess is that apparmor was either not present on the previous version of Mint or not active or it changed the apparmor settings during the update for some reason.
I tried to research what I need to do to fix it but I'm not 100% sure and I don't want to screw anything up in trying (first do no harm philosophy). So can anyone please tell me what I am doing wrong? My guess so far is that I have to edit the apparmor settings in order to tell it to allow Chromium but I'm not quite sure exactly where or how to do that.
The popups tell me to check the kern log so I did and here are some of the entries.
Code:
Jan 5 11:55:55 HERE kernel: [ 5528.056187] audit: type=1400 audit(1515171355.675:549): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14873/setgroups" pid=14873 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.056366] audit: type=1400 audit(1515171355.675:550): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14873/gid_map" pid=14873 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.056368] audit: type=1400 audit(1515171355.675:551): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14873/uid_map" pid=14873 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.058800] audit: type=1400 audit(1515171355.675:552): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14874/setgroups" pid=14874 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.058803] audit: type=1400 audit(1515171355.675:553): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14874/uid_map" pid=14874 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.058955] audit: type=1400 audit(1515171355.675:554): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14874/gid_map" pid=14874 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.107603] audit: type=1400 audit(1515171355.723:555): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14874/setgroups" pid=14874 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.107606] audit: type=1400 audit(1515171355.723:556): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14874/gid_map" pid=14874 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.107739] audit: type=1400 audit(1515171355.723:557): apparmor="ALLOWED" operation="open" profile="/usr/lib/chromium-browser/chromium-browser" name="/proc/14874/uid_map" pid=14874 comm="chromium-browse" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Jan 5 11:55:55 HERE kernel: [ 5528.188196] audit: type=1400 audit(1515171355.807:558): apparmor="ALLOWED" operation="connect" profile="/usr/lib/chromium-browser/chromium-browser" name="/run/dbus/system_bus_socket" pid=14858 comm=442D42757320746872656164 requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=0
Jan 5 11:56:02 HERE kernel: [ 5534.851218] kauditd_printk_skb: 434 callbacks suppressed
Jan 5 11:56:02 HERE kernel: [ 5534.851221] audit: type=1107 audit(1515171362.467:993): pid=761 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="ALLOWED" operation="dbus_method_call" bus="system" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="RemoveMatch" mask="send" name="org.freedesktop.DBus" pid=14858 label="/usr/lib/chromium-browser/chromium-browser" peer_label="unconfined"
Jan 5 11:56:02 HERE kernel: [ 5534.851221] exe="/usr/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?'