[Pkg-giraffe-maintainers] Bug#946659: kopanocore: apparmor profile fails on Ubuntu because of /usr/sbin/ldconfig.real
Steve Langasek
steve.langasek at canonical.com
Thu Dec 12 22:33:00 GMT 2019
Package: kopanocore
Version: 8.7.0-5
Severity: normal
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu focal ubuntu-patch
Dear maintainers,
Since 8.7.0-3, the autopkgtests for kopanocore have been failing in Ubuntu,
due to an apparmor denial when kopano-search tries to access /usr/sbin/ldconfig:
[413685.899592] audit: type=1400 audit(1576179514.224:92): apparmor="DENIED" operation="open" profile="/usr/sbin/kopano-search" name="/usr/sbin/ldconfig" pid=298626 comm="ldconfig" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
The reason for this is that ldconfig on Ubuntu is a wrapper script around ldconfig.real.
The attached patch fixes the autopkgtest failure (and the subsequent runtime
failures) on Ubuntu. Please consider applying this in Debian.
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
slangasek at ubuntu.com vorlon at debian.org
-------------- next part --------------
diff -Nru kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search
--- kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search 2019-10-29 10:43:03.000000000 -0700
+++ kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search 2019-12-12 14:06:36.000000000 -0800
@@ -41,7 +41,7 @@
/lib/@{multiarch}/ld-*.so mr,
- /{,usr/}sbin/ldconfig Pix,
+ /{,usr/}sbin/ldconfig{,.real} Pixr,
/run/kopano/search.pid rw,
/run/kopano/search.pid.lock lrw,
More information about the Pkg-giraffe-maintainers
mailing list