[Pkg-giraffe-maintainers] Bug#927215: kopano-search: AppArmor profile does not account for usrmerge
Julian Andres Klode
jak at debian.org
Tue Apr 16 12:24:04 BST 2019
Package: kopanocore
Version: 8.7.0-2
Severity: serious
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu disco ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* kopano-search apparmor profile: Account for usrmerge
This was breaking autopkgtest for kopano-search --help with magic import errors;
and will have the same effect on real usrmerged systems.
Thanks for considering the patch.
diff -Nru kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search
--- kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search 2019-02-19 18:58:02.000000000 +0100
+++ kopanocore-8.7.0/debian/apparmor/usr.sbin.kopano-search 2019-04-16 11:59:16.000000000 +0200
@@ -21,8 +21,8 @@
deny /usr/lib/python{3,2.?}/dist-packages/kopano_search/*.pyc w,
- /bin/dash Pix,
- /bin/rm Pix,
+ {,/usr}/bin/dash Pix,
+ {,/usr}/bin/rm Pix,
# FIXME: it would be nice if search would use search- like pa
/dev/shm/* rwl,
@@ -38,7 +38,7 @@
/lib/@{multiarch}/ld-*.so mr,
- /sbin/ldconfig Pix,
+ {,/usr}/sbin/ldconfig Pix,
/run/kopano/search.pid rw,
/run/kopano/search.pid.lock lrw,
-- System Information:
Debian Release: buster/sid
APT prefers disco
APT policy: (991, 'disco'), (500, 'disco'), (500, 'cosmic-security')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.0.0-8-generic (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
More information about the Pkg-giraffe-maintainers
mailing list