[pkg-apparmor] Bug#742829: closed by intrigeri <intrigeri at debian.org> (Bug#742829: fixed in apparmor 2.10.95-8)
intrigeri
intrigeri at debian.org
Sun Oct 1 06:30:01 UTC 2017
Hi,
Guido Günther:
> On Fri, Sep 29, 2017 at 04:09:02PM -0400, Daniel Richard G. wrote:
>> #include <abstractions/ubuntu-browsers.d/chromium-browser>
> This file is currently not included in Debian's apparmor
> package. @intrigeri, can this be added?
Before r1608 (in Vcs-Bzr) we shipped that file in
/usr/share/apparmor-profiles/abstractions/ubuntu-browsers.d/
I don't see any Include directive for that path in
/etc/apparmor/parser.conf, so I doubt it was actually used.
> I assume we don't want other packages to mess around
> in abstractions?
I think it's fine: any package can ship the abstractions it needs (and
quite a few do), as long as side-effects are considered carefully.
In the case at hand, it seems that
/etc/apparmor.d/abstractions/ubuntu-browsers.d is a place from which
profiles can include selected bits they need, rather than a directory
that will get included all at once, so there's no side effect and we
should be good (checked with codesearch.d.net that supports my guess :)
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list