ImageMagick security settings in openSUSE
Tommaso Cucinotta
tommaso at lyx.org
Fri Oct 30 23:11:58 UTC 2020
Hi,
I'm not sure if the problem is similar, I've just tried LyX 2.3.4 on Ubuntu 20.04.1, and noticed that after inserting a
PDF file/graphics, LyX has problems in converting the image into PNG, as needed to show the preview on-screen.
One way I could work around it, was to comment out the PDF rule/filter in the security policy coming with ImageMagick 6:
(not understanding yet the full implications of this, though)
tommaso at laptom$ grep PDF /etc/ImageMagick-6/policy.xml
<!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
<!-- <policy domain="coder" rights="none" pattern="PDF" /> -->
Now, the question I wanted to ask is: when reconfiguring LyX looking for existence of the various converters, would it
make sense for LyX to have a means to try the converters one by one (at least a known subset of them), to be sure they
work and they've not been forbidden, so to exclude those ones that don't actually work ?
Or, is there some other way to handle the problem in a user-friendly way ?
FYI, the user perception of the issue shows up like this:
tommaso at laptom$ lyx placement.lyx
convert-im6.q16: attempt to perform an operation not allowed by the security policy `PS' @
error/constitute.c/IsCoderAuthorized/408.
convert-im6.q16: no images defined `/tmp/lyx_tmpdir.pPGlFCzHmrqd/gconvertDiWwGs.png' @
error/convert.c/ConvertImageCommand/3258.
and, in LyX, the generic error on the image "spot" saying "cannot convert".
Thanks,
T.
On 03/07/19 15:43, Cor Blom wrote:
> Dear LyX devs,
>
> Because of the following bug
>
> https://bugzilla.opensuse.org/show_bug.cgi?id=1139928
>
> I have become aware of the strict security settings in openSUSE which limits capabilities of ImageMagick. There is an
> alternative setting that the user can activate, but most users will not know this.
>
> I am just writing this, so you are aware of this. I don't know a solution.
>
> Regards,
>
> Cor
>
>
>
More information about the lyx-devel
mailing list