[pkg-apparmor] Bug#1106045: libreoffice-common: Apparmor files do no include local override files
Laurent Bigonville
bigon at debian.org
Mon May 19 13:05:51 BST 2025
Le 19/05/25 à 13:33, René Engelhard a écrit :
> severity 110645 wishlist
> thanks
>
> Hi,
>
> Am 19. Mai 2025 10:46:37 MESZ schrieb Laurent Bigonville <bigon at debian.org>:
>> It seems that the libreoffice apparmor profiles are not including the
>> ability to use local overrides files like the other profies are.
> Which is not serious in any remote way. Fo not uselessly inflate severities.
>
> Especially since we are in hard freeze as it's a key package and that's won't be changed.
>
> You can change the profiles itself if there was a need. (There is none.)
>
Well almost all the apparmor profiles are including this "#include", I
was expecting it was part of some "apparmor packaging policy" in debian
or something, but I cannot find any reference.
>> The different profiles should have an "#include if exists <local/*profile_name*>"
>> some in them to allow the user to add new rules
> And why would one?
>
> Most are in complain mode anyways thus not blocking stuff.
Even in complain mode, apparmor still logs stuff in the audit logs (and
triggers notification when apparmor-notify is installed), so I'm pretty
sure there is a non-null number of people who wants to customize the policy
More information about the pkg-apparmor-team
mailing list