[pkg-apparmor] Bug#1003158: apparmor: tunables/home seems to have wrong order of variables
Karsten Hilbert
karsten.hilbert at gmx.net
Wed Jan 5 11:35:17 GMT 2022
Package: apparmor
Version: 2.13.6-10
Severity: important
Dear Maintainers,
there seems to be a order-logic bug in
/etc/apparmor.d/tunables/home
That profile defines @{HOME} first:
@{HOME}=@{HOMEDIRS}/*/ /root/
and *later* defines @{HOMEDIRS}:
@{HOMEDIRS}=/home/
It seems that either the order of definitions needs to be switched or
else the second definition should be
@{HOMEDIRS}+=/home/ #(note the + sign)
? Or am I missing something.
Thanks,
Karsten
-- System Information:
Debian Release: 11.2
APT prefers stable
APT policy: (990, 'stable'), (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 5.15.0-2-686-pae (SMP w/2 CPU threads)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages apparmor depends on:
ii debconf [debconf-2.0] 1.5.77
ii libc6 2.33-1
ii lsb-base 11.1.0
apparmor recommends no packages.
Versions of packages apparmor suggests:
pn apparmor-profiles-extra <none>
pn apparmor-utils <none>
-- debconf information:
apparmor/homedirs:
More information about the pkg-apparmor-team
mailing list