Bug#866790: postfix rules yield error and fail
On 2017-07-03 08:37:32, intrigeri wrote: > Antoine Beaupré: >> PS: seems to me like a good example why profiles-extra should be >> deployed straight to /etc :p > > One step at a time: I'd rather see AppArmor enabled by default with > a small, robust policy first. And then we can think of extending this > policy :) Well, we don't need to enable profiles-extra by default either... a. -- Prolétaires de tous les pays, qui lave vos chaussettes? - Audrey Lorde
Bug#866790: postfix rules yield error and fail
Antoine Beaupré: > PS: seems to me like a good example why profiles-extra should be > deployed straight to /etc :p One step at a time: I'd rather see AppArmor enabled by default with a small, robust policy first. And then we can think of extending this policy :) Cheers, -- intrigeri
Processed: Re: Bug#866790: postfix rules yield error and fail
Processing control commands: > tag -1 + moreinfo Bug #866790 [apparmor] postfix rules yield error and fail Added tag(s) moreinfo. > tag -1 + unreproducible Bug #866790 [apparmor] postfix rules yield error and fail Added tag(s) unreproducible. -- 866790: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866790 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#866790: postfix rules yield error and fail
Control: tag -1 + moreinfo Control: tag -1 + unreproducible Hi, Antoine Beaupre: > ERROR: Include file /etc/apparmor.d/program-chunks/postfix-common not found > ... if apparmor-profiles is installed. > This, obviously, is an error in the postfix* apparmor profiles which > try to include a non-existing file. The proper file to include is > abstractions/postfix-common of course. Thank you for this report. What are "the postfix* apparmor profiles" that include program-chunks/postfix-common? I.e. where are they installed, and by which package/version? I could not find any such thing in a Stretch chroot after installing apparmor-profiles. I've looked in /usr/share/doc/apparmor-profiles/extras/ and in /etc/apparmor.d/. Perhaps you copied stuff from /usr/share/doc/apparmor-profiles/extras/ to /etc/apparmor.d/ in the past and your own copy needs an update? Cheers, -- intrigeri
Bug#866790: postfix rules yield error and fail
Package: apparmor Version: 2.11.0-3 Severity: grave Right now, in debian stretch, any apparmor command will yield: $ sudo aa-disable usr.bin.irssi ERROR: Include file /etc/apparmor.d/program-chunks/postfix-common not found ... if apparmor-profiles is installed. This, obviously, is an error in the postfix* apparmor profiles which try to include a non-existing file. The proper file to include is abstractions/postfix-common of course. This seems to have been fixed in unstable, but it should really be fixed in a point update in stretch. -- System Information: Debian Release: 9.0 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental'), (1, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: armhf Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages apparmor depends on: ii debconf [debconf-2.0] 1.5.61 ii init-system-helpers1.48 ii libapparmor-perl 2.11.0-3 ii libc6 2.24-11+deb9u1 ii lsb-base 9.20161125 ii python33.5.3-1 apparmor recommends no packages. Versions of packages apparmor suggests: ii apparmor-profiles2.11.0-3 ii apparmor-profiles-extra 1.11 ii apparmor-utils 2.11.0-3 -- debconf information excluded
