[pkg-apparmor] Bug#843461: apparmor: Support usrmerge
Felix Geyer
fgeyer at debian.org
Sun Nov 6 19:15:36 UTC 2016
Package: apparmor
Version: 2.10.95-5
For stretch we need to support usrmerge and non-usrmerge systems.
We can add something like this to the default tunables:
alias /bin/ -> /usr/bin/,
alias /sbin/ -> /usr/sbin/,
alias /lib/ -> /usr/lib/,
alias /lib32/ -> /usr/lib32/,
alias /lib64/ -> /usr/lib64/,
alias /libx32/ -> /usr/libx32/,
Unfortunately this causes a conflict in the sanitized_helper rule:
/usr/{,local/}lib*/{,**/}* Pixr,
and these rules from abstractions/base
/lib{,32,64}/ld{,32,64}-*.so mrix,
/lib{,32,64}/**/ld{,32,64}-*.so mrix,
/lib/@{multiarch}/ld{,32,64}-*.so mrix,
More information about the pkg-apparmor-team
mailing list