On Fri, Aug 01 2025, Philipp Huebner wrote: > ejabberd in Debian Trixie no longer ships any apparmor profile, > the upgrade process should have removed that or at least asked you. > > Any idea why it's still in place for you? Did you suppress / reject > any question regarding this during the upgrade? > > Maybe we should add a forced removal in debian/postinst to be on the > safe side.
I checked /var/log/apt/term.log - no output or prompts about the profile. Both apparmor and ejabberd packages were upgraded in the same run, along with 1,000 other packages. I use etckeeper, therefore I can see that I had modified the profile starting all the way back in 2019. IIRC, I've had issues with the ejabberd's apparmor profile vs. munin-node monitoring scripts, getting denials when connecting to ejabberd to poll stats. BTW, most these modifications were done in /etc/apparmor.d/local/usr.sbin.ejabberdctl. This is odd: $ grep apparmor /var/lib/dpkg/info/ejabberd.list /etc/apparmor.d/usr.sbin.ejabberdctl I didn't realize that the /var/lib/dpkg/info/*.list files were dynamic. I assumed they would match: https://packages.debian.org/trixie/amd64/ejabberd/filelist The tail end of the .list file contains these entries, where it deviates from what is displayed on packages.d.o: /var /var/lib /var/lib/ejabberd /var/log /var/log/ejabberd /etc/ejabberd/ejabberdctl.cfg /usr/lib/x86_64-linux-gnu/ejabberd-24.12 /usr/lib/x86_64-linux-gnu/ejabberd-24.12-3/priv/img /usr/share/doc/ejabberd/examples/captcha.sh /usr/share/doc/ejabberd/examples/ejabberd.yml /usr/share/doc/ejabberd/examples/ejabberdctl.cfg /etc/default/ejabberd /etc/apparmor.d/usr.sbin.ejabberdctl This host has been running ejabberd since 2.1.5-1 which might explain some of the cruft. -- Gerald Turner <[email protected]> Encrypted mail preferred! OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80 3858 EC94 2276 FDB8 716D
signature.asc
Description: PGP signature
