[Pkg-privacy-maintainers] Bug#881496: Bug#881496: onioncircuits: python3/testing and apparmor/testing breaks onioncircuits

intrigeri intrigeri at debian.org
Thu Dec 7 10:15:37 UTC 2017


Control: tag -1 + moreinfo

Hi Mykola,

Sascha Steinbiss:
> ah, this sheds some light on the situation. However:

>>     audit[3722]: AVC apparmor="DENIED" operation="file_mmap"
>> profile="/usr/bin/onioncircuits"
>> name="/usr/lib/python3.6/lib-dynload/_ctypes.cpython-36m-x86_64-linux-gnu.so"
>> pid=3722 comm="onioncircuits" requested_mask="m" denied_mask="m" fsuid=1000 ouid=0

> This is interesting, since the corresponding line in the python AppArmor
> abstractions [1] (which are imported by the onioncircuits profile [2]) is:

>   /usr/lib{,32,64}/python3.[0-6]/lib-dynload/*.so            mr,

> which indeed already has the mmap flag set. It's been in testing for
> some while now (since bzr revision #1671, which was the initial update
> to upstream's 2.11.1).
> I also can't see it being overridden anywhere. So I am not sure why this
> permission should be denied...

Can you please share the content of your
/etc/apparmor.d/abstractions/python file?

Cheers,
-- 
intrigeri



More information about the Pkg-privacy-maintainers mailing list