[Pkg-privacy-maintainers] Bug#881496: Bug#881496: onioncircuits: python3/testing and apparmor/testing breaks onioncircuits
intrigeri
intrigeri at debian.org
Thu Dec 7 10:15:37 UTC 2017
Control: tag -1 + moreinfo
Hi Mykola,
Sascha Steinbiss:
> ah, this sheds some light on the situation. However:
>> audit[3722]: AVC apparmor="DENIED" operation="file_mmap"
>> profile="/usr/bin/onioncircuits"
>> name="/usr/lib/python3.6/lib-dynload/_ctypes.cpython-36m-x86_64-linux-gnu.so"
>> pid=3722 comm="onioncircuits" requested_mask="m" denied_mask="m" fsuid=1000 ouid=0
> This is interesting, since the corresponding line in the python AppArmor
> abstractions [1] (which are imported by the onioncircuits profile [2]) is:
> /usr/lib{,32,64}/python3.[0-6]/lib-dynload/*.so mr,
> which indeed already has the mmap flag set. It's been in testing for
> some while now (since bzr revision #1671, which was the initial update
> to upstream's 2.11.1).
> I also can't see it being overridden anywhere. So I am not sure why this
> permission should be denied...
Can you please share the content of your
/etc/apparmor.d/abstractions/python file?
Cheers,
--
intrigeri
More information about the Pkg-privacy-maintainers
mailing list