Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

On Mon, Feb 02, 2015 at 07:58:58PM +0100, Christian Boltz wrote: > Some IRC discussion brought up that it's probably better to check for > ' (complain)' and ' (enforce)', so here's the patch: > > > Fix aa-unconfined to work with profile names that don't start with / or null > > I propose this pa

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

On 02/02/2015 10:58 AM, Christian Boltz wrote: > Hello, > > Am Montag, 2. Februar 2015 schrieb u: >> Christian Boltz: >>> Am Montag, 2. Februar 2015 schrieb u: While playing around with `aa-unconfined` i saw that /usr/bin/tor is marked as not being confined. >>> >>> Does it work if

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

Hello, Am Montag, 2. Februar 2015 schrieb John Johansen: > On 02/02/2015 07:51 AM, Christian Boltz wrote: > > Does it work if you change aa-unconfined line 66? Untested > > pseudo-patch: > > -if line.startswith("/") or line.startswith("null"): > > + if line.strip() !

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

Hello, Am Montag, 2. Februar 2015 schrieb u: > Christian Boltz: > > Am Montag, 2. Februar 2015 schrieb u: > >> While playing around with `aa-unconfined` i saw that /usr/bin/tor > >> is > >> marked as not being confined. > > > > Does it work if you change aa-unconfined line 66? Untested > > pseudo

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

On 02/02/2015 07:51 AM, Christian Boltz wrote: > Hello, > > Am Montag, 2. Februar 2015 schrieb u: >> While playing around with `aa-unconfined` i saw that /usr/bin/tor is >> marked as not being confined. >> >> In Debian, `tor` comes with an apparmor profile which is called >> "system_tor" and lives

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

Hello, Am Montag, 2. Februar 2015 schrieb u: > While playing around with `aa-unconfined` i saw that /usr/bin/tor is > marked as not being confined. > > In Debian, `tor` comes with an apparmor profile which is called > "system_tor" and lives in /etc/apparmor.d. > > `aa-unconfined` seems to ignore

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

Hi, Steve Beattie: > On Mon, Feb 02, 2015 at 10:22:27AM +, u wrote: >> `aa-unconfined` seems to ignore this, but `aa-status` tells me that the >> `system_tor` profile is well active. > > This is a bug in aa-unconfined. It's not been updated to take into > account the possibility of profile n

Re: [apparmor] [pkg-apparmor] Fwd: Re: aa-unconfined shows tor as being unconfined, aa-status says different

On Mon, Feb 02, 2015 at 10:22:27AM +, u wrote: > (Cc:ed Peter Palfrader (weasel), who maintains tor in Debian and the > Debian AppArmor Packaging Team.) > > While playing around with `aa-unconfined` i saw that /usr/bin/tor is > marked as not being confined. > > In Debian, `tor` comes with an