Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")

To: Andreas Metzler <ametzler@bebt.de>, 962903@bugs.debian.org, control@bugs.debian.org
Subject: Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
From: Rene Engelhard <rene@debian.org>
Date: Sat, 20 Jun 2020 14:19:46 +0200
Message-id: <[🔎] bb26d6fd-4a23-1efd-a880-667d3e13d2de@debian.org>
Reply-to: Rene Engelhard <rene@debian.org>, 962903@bugs.debian.org, control@bugs.debian.org, 962903@bugs.debian.org
In-reply-to: <[🔎] 9ad29b75-b92d-a41f-4221-b49931c60cf8@debian.org>
References: <[🔎] 20200615174918.GA1524@argenau.bebt.de> <[🔎] 20200615174918.GA1524@argenau.bebt.de> <[🔎] 9ad29b75-b92d-a41f-4221-b49931c60cf8@debian.org> <[🔎] 20200615174918.GA1524@argenau.bebt.de>

tag 962903 - moreinfo

tag 962903 - unreproducible

retitle 962903 Fails to open any PDF ("This PDF file is encrypted and
can't be opened.") if TMPDIR is not /tmp (apparmor DENIED)

severity 962903 minor

tag 962903 + wontfix

thanks


Am 20.06.20 um 14:11 schrieb Rene Engelhard:
> 2575  19:27:45.464196 openat(AT_FDCWD, "/tmp/test-tmp-ametzler/Qqf3SE", O_RDONLY) = -1 EACCES (Permission denied)
> I wonder about that /tmp/test-tmp-ametzler.
>
>
> The apparmor rules might just allow /tmp/*, not /tmp/something/*.

profile libreoffice-xpdfimport /usr/lib/libreoffice/program/xpdfimport {
  #include <abstractions/base>

  owner /tmp/*              r,     #Seems to need to read file created
with pattern /tmp/RRRRRR
  owner /tmp/lu**           rw,    #makes files like
luRRRRR.tmp/lubRRRR.tmp where R is random
                                   #Note, usually it's lub or luc, don't
know why.
[...]

> Ah, yes:
>
> Indeed, if I set TMPDIR=/tmp/test I get that
>
> "This PDF file is encrypted and can't be opened".
>
>
> dmesg shows e.g.:
>
> "[  692.0171072] audit: type=1400 audit(159265461.660:88): apparmor="DENIED" opereation="open" profile="libreoffice-xpdfimport" name="/tmp/test/4DyliY" pid=2661 comm="xpdfimport" requested_mask="r" denied_masj="r" fsuid=1000 ouid=1000"
>
> And indeed, if I set that profile to complain only it works.

Based on that and the last sentence changing the status and marking this
as wontfix.#

Regards,

Rene

Reply to:

Follow-Ups:
- Processed (with 1 error): Re: Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
  - From: Rene Engelhard <rene@debian.org>
- Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
  - From: Andreas Metzler <ametzler@bebt.de>

References:
- Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
  - From: Andreas Metzler <ametzler@bebt.de>
- Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
  - From: Rene Engelhard <rene@debian.org>

Prev by Date: Processed: Re: Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
Next by Date: Processed (with 1 error): Re: Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
Previous by thread: Processed: Re: Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
Next by thread: Processed (with 1 error): Re: Bug#962903: libreoffice: Fails to open any PDF ("This PDF file is encrypted and can't be opened.")
Index(es):
- Date
- Thread