Bug#990499: apparmor: Include local profile for sanitized_helper
Hi, Frank (2021-09-03): > https://gitlab.com/apparmor/apparmor/-/merge_requests/796 Great! > It might be as well better to add a patch to current Debian oldstable / > stable? I don't think this change qualifies for a stable update: it's more of an improvement than a bug fix, and local administrators already have a way to workaround the problem if needed. Cheers!
Bug#990499: apparmor: Include local profile for sanitized_helper
https://gitlab.com/apparmor/apparmor/-/merge_requests/796 It might be as well better to add a patch to current Debian oldstable / stable? Best, Frank On 9/3/21, intrigeri wrote: Control: tag -1 + upstream Control: severity -1 wishlist Hi, Frank (2021-06-30): The current setup for the profile sanitized_helper does not include a local profile for adjustments. I would like to propose #include in /etc/apparmor.d/abstraction/ubuntu-helpers This makes sense to me. Now that we can target AppArmor 3.x, I would instead suggest: include if exists … so we don't have to create/manage local/ubuntu-helpers. Would you like to submit this as a merge request upstream? It would happen there: https://gitlab.com/apparmor/apparmor Cheers!
Bug#990499: apparmor: Include local profile for sanitized_helper
Control: tag -1 + upstream Control: severity -1 wishlist Hi, Frank (2021-06-30): > The current setup for the profile sanitized_helper does not include a local > profile for adjustments. I would like to propose > > #include > > in /etc/apparmor.d/abstraction/ubuntu-helpers This makes sense to me. Now that we can target AppArmor 3.x, I would instead suggest: include if exists … so we don't have to create/manage local/ubuntu-helpers. Would you like to submit this as a merge request upstream? It would happen there: https://gitlab.com/apparmor/apparmor Cheers!
Bug#990499: apparmor: Include local profile for sanitized_helper
Package: apparmor Version: 2.13.2-10 Severity: wishlist Dear Maintainer, The current setup for the profile sanitized_helper does not include a local profile for adjustments. I would like to propose #include in /etc/apparmor.d/abstraction/ubuntu-helpers Best wishes, Frank -- System Information: Debian Release: 10.10 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-0.bpo.7-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages apparmor depends on: ii debconf [debconf-2.0] 1.5.71 ii libc6 2.28-10 ii lsb-base 10.2019051400 ii python33.7.3-1 apparmor recommends no packages. Versions of packages apparmor suggests: pn apparmor-profiles-extra pn apparmor-utils -- debconf information excluded
