[Pkg-privacy-maintainers] Bug#981817: Bug#981817: onioncircuits: Permission denied: '/usr/local/lib/python3.7/dist-packages/psutil-5.7.2.dist-info'
nodens
nodens at debian.org
Wed Feb 10 11:26:35 GMT 2021
On 10/02/2021 11:02, Ulrike Uhlig wrote:
> Hi!
>
> On 10.02.21 00:18, Jonathan Marquardt wrote:
>> On Fri, Feb 05, 2021 at 12:08:49PM +0100, Clément Hermann wrote:
>>> On 04/02/2021 13:04, Jonathan Marquardt wrote:
>>>> On Thu, Feb 04, 2021 at 12:23:17PM +0100, Clément Hermann wrote:
>
>> However I found out that it always works (on all of my systems) if I
>> launch
>> onionciruits with the command:
>>
>> $ python3 /usr/bin/onionciruits
>>
>> I have no idea why.
>
> Could this be related to AppArmor?
>
> Just a random idea.
Oh right. Of course. Thanks Ulrike :)
Yes, the apparmor profile shipped with onioncircuit won't allow access
to stuff in /usr/local. So python interpreter can't actually run.
I would still advise against mixed system-wide stuff from debian package
and from pip; and use virtualenv instead for any local needs, but this
could probably also be worked around by:
- disabling the onioncircuits profile (not recommended), or
- adding some local rules to allow access to /usr/local/ in
/etc/apparmor.d/local/usr.bin.onioncircuits
The existing rules in /etc/apparmor.d/usr.bin.onioncircuits could be
used as a starting point. I don't think it's relevant to include new
rules in the package.
If you prefer, I could reopen the bug and tag it as wontfix for clarity.
Cheers,
--
nodens
More information about the Pkg-privacy-maintainers
mailing list