[pkg-apparmor] Bug#882047: apparmor-utils: aa-complain thunderbird fails
intrigeri
intrigeri at debian.org
Sun Oct 21 08:29:09 BST 2018
Control: notforwarded -1
Vincas Dargis:
> On 6/13/18 6:00 PM, intrigeri wrote:
>> For the record, with 2.13-1 I see a different error:
>>
>> # aa-complain thunderbird
>> Setting /usr/bin/thunderbird to complain mode.
>>
>> ERROR: Path doesn't start with / or variable: gpg
>>
>> i.e. aa-complain chokes on the "gpg" named child profile.
With 2.13.1:
# aa-complain thunderbird
Setting /usr/bin/thunderbird to complain mode.
ERROR: /etc/apparmor.d/usr.bin.thunderbird doesn't contain a valid profile for /usr/bin/thunderbird (syntax error?)
… and the profile is not set to complain mode.
However, "aa-complain /etc/apparmor.d/usr.bin.thunderbird" works just
fine: it sets both the thunderbird profile and its child gpg profile
to complain mode :) I find this surprising given aa-complain(8) does
not mention this is possible at all.
> Same with gst_plugin_scanner when using 2.13:
> $ sudo aa-enforce /etc/apparmor.d/*
> < ...skipped... >
> Setting /etc/apparmor.d/gst_plugin_scanner to enforce mode.
> ERROR: Path doesn't start with / or variable: gst_plugin_scanner
This is fixed in 2.13.1, most likely thanks to the changes for
https://bugs.launchpad.net/apparmor/+bug/1775591 i.e.
https://gitlab.com/apparmor/apparmor/merge_requests/142
So I'm removing the "forwarded" indication: that upstream bug was
fixed but it only partly fixes what this bug report is about.
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list