Control: retitle -1 opensnitch: Explicitly use 'proc' fallback by default
Control: severity -1 minor
Control: summary -1 0
Control: tags -1 - upstream + patch
Debian 12 does not ship the eBPF module required for the upstream default
process monitor method. The 'proc' method is used as an implicit fallback,
but python3-opensnitch-ui refuses to set the InterceptUnknown option when
the module is missing and the 'ebpf' monitor method is nominally selected.
My original bug report was based on ignorance of the fallback behavior.
Since eBPF is currently not used at all, patching the build process to add
the missing module would constitute a feature update. That is obviously
out of the question, so here is a minor patch that fixes the actual bug.
Although this bug is not reproducible unless opensnitch-ui is installed
and running, the file that needs to be changed is part of opensnitch.
Description: Explicitly use 'proc' fallback by default
Debian 12 does not ship the eBPF module required for the upstream default
process monitor method. The 'proc' method is used as an implicit fallback,
but python3-opensnitch-ui refuses to set the InterceptUnknown option when
the module is missing and the 'ebpf' monitor method is nominally selected.
Bug-Debian: https://bugs.debian.org/1037006
Forwarded: not-needed
Author: Pijgn <pi...@riseup.net>
Index: opensnitch-1.5.8.1/daemon/default-config.json
===================================================================
--- opensnitch-1.5.8.1.orig/daemon/default-config.json
+++ opensnitch-1.5.8.1/daemon/default-config.json
@@ -7,7 +7,7 @@
"DefaultAction": "allow",
"DefaultDuration": "once",
"InterceptUnknown": false,
- "ProcMonitorMethod": "ebpf",
+ "ProcMonitorMethod": "proc",
"LogLevel": 2,
"Firewall": "iptables",
"Stats": {
