[pkg-apparmor] Bug#1100546: apparmor-profiles: apparmor fails to start: /etc/apparmor.d/usr.bin.chromium-browser depends on removed abstraction
Alban Browaeys
prahal at yahoo.com
Sat Mar 15 05:26:49 GMT 2025
Package: apparmor-profiles
Version: 4.1.0~beta5-3
Severity: important
Dear Maintainer,
apparmor.servivce fails to start
systemctl status apparmor --no-pager
× apparmor.service - Load AppArmor profiles
Loaded: loaded (/usr/lib/systemd/system/apparmor.service; enabled; preset: enabled)
Active: failed (Result: exit-code) since Sat 2025-03-15 06:13:49 CET; 10min ago
Invocation: 8e5fddd3d1a74739a71339cdc599bf6f
Docs: man:apparmor(7)
https://gitlab.com/apparmor/apparmor/wikis/home/
Process: 1422 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, status=1/FAILURE)
Main PID: 1422 (code=exited, status=1/FAILURE)
Mem peak: 16.7M
CPU: 596ms
mars 15 06:13:47 cyclope systemd[1]: Starting apparmor.service - Load AppArmor profiles...
mars 15 06:13:47 cyclope apparmor.systemd[1422]: Restarting AppArmor
mars 15 06:13:47 cyclope apparmor.systemd[1422]: Reloading AppArmor profiles
mars 15 06:13:49 cyclope apparmor.systemd[1736]: Erreur de l'analyseur AppArmor pour /etc/apparmor.d in profile /etc/apparmor.d/usr.bin.chromium-browser ? la ligne 17 : Impossible d'ouvrir << ab…omium-browser >>
mars 15 06:13:49 cyclope apparmor.systemd[1756]: Skipping profile in /etc/apparmor.d/disable: usr.bin.thunderbird
mars 15 06:13:49 cyclope apparmor.systemd[1780]: Skipping profile in /etc/apparmor.d/disable: usr.local.sbin.vnoded
mars 15 06:13:49 cyclope apparmor.systemd[1422]: Error: At least one profile failed to load
mars 15 06:13:49 cyclope systemd[1]: apparmor.service: Main process exited, code=exited, status=1/FAILURE
mars 15 06:13:49 cyclope systemd[1]: apparmor.service: Failed with result 'exit-code'.
mars 15 06:13:49 cyclope systemd[1]: Failed to start apparmor.service - Load AppArmor profiles.
/etc/apparmor.d/usr.bin.chromium-browser
includes /etc/apparmor.d/abstractions/ubuntu-browsers.d/chromium-browser
which was removed as oboslete conffile as a fix for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074408
Note that upstream still has this abstraction:
https://gitlab.com/apparmor/apparmor/-/tree/master/profiles/apparmor.d/abstractions/ubuntu-browsers.d?ref_type=heads
https://gitlab.com/apparmor/apparmor/-/blob/master/profiles/apparmor.d/abstractions/ubuntu-browsers.d/chromium-browser?ref_type=heads
I expect either this abstraction to be restored or the chromium-browser
profile to stop including it.
Cheers,
Alban
-- System Information:
Debian Release: trixie/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'stable-debug'), (500, 'oldstable-debug'), (500, 'testing'), (500, 'stable'), (90, 'unstable-debug'), (90, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.12.17-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages apparmor-profiles depends on:
ii apparmor 4.1.0~beta5-3
apparmor-profiles recommends no packages.
apparmor-profiles suggests no packages.
-- no debconf information
More information about the pkg-apparmor-team
mailing list