https://gerrit.libreoffice.org/#/c/48265/
On 2018-01-21 20:33, Rene Engelhard wrote:
Want to do a MR or should I just backport the patch myself?
I would like to try to backport it within upcoming week.
Package: src:vlc
Version: 2.2.7-1~deb9u1
Severity: normal
Dear Maintainer,
I wanted to build vlc with address sanitizer enabled to catch some
strange crashes, but strangely ASAN interferes with build process.
If I export these variables:
export DEB_BUILD_MAINT_OPTIONS=sanitize=+address,+undefin
Package: src:vlc
Version: 2.2.7-1~deb9u1
Severity: normal
Dear Maintainer,
We are developing application using VLC-Qt, that uses libvlc,
libvlcore libraries from Debian repository for displaying RTSP streams.
Everything was OK while application was running on Jessie amd64 machine.
When running
On 5/8/18 10:31 PM, Philipp Huebner wrote:
Hi,
what's the status here?
Regards,
Sorry, I have this task still on hold, because I'm having too much
TODO's in my AppArmor contribution list already, and I considered other
tasks being higher priority.
Although anyone could just create pull r
I cannot reproduce this issue, it seems it fixed somehow by itself, after some
full-upgrades I guess.
Sorry for bothering.
Package: apparmor-profiles-extra
Version: 1.14
Severity: important
Tags: upstream
Dear Maintainer,
Running `aa-logprof` produces this error:
ERROR: permission contains unknown character(s) Pux
I have grepped through /etc/apparmor.d:
$ sudo fgrep -R Pux /etc/apparmor.d/
/etc/apparmor.d/usr.bin.
On 2017.09.30 08:27, intrigeri wrote:
Interestingly
http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Execute_rules
says that Pux is supported since 2.5, so I wonder who's correct.
I've grep'ed through upstream apparmor-profiles repository too, there is no
single `Pux` usage.
Package: thunderbird
Version: 1:52.3.0-4~deb8u2
Severity: normal
User: apparmor-t...@lists.alioth.debian.org
Usertags: modify-profile
Dear Maintainer,
I have discovered AppArmor denies on Debian 7 (jessie) and Debina 8
(stretch), that prevent to load plugin ibraries:
On jessie (from icedtea-7-p
Package: tmux
Version: 2.6~rc3-1
Severity: normal
Dear Maintainer,
I have discovered that pressing Ctrl+L while in Konsole (KDE) within
tmux session does move cursor to the top of the console, but it does not
clear all previous output below.
Please see screenshot attached. I have executed:
$ hea
On 2017.09.30 22:43, Romain Francoise wrote:
This is probably a duplicate of #876362, can you try with konsole from
experimental?
Yes, konsole from experimental has this issue fixed,
Thanks!
After your call [0] write here to help.
What can I aquatically do? Install experimental kernel on VM and check if
profiles there and here does not produces denies?
[0]
https://lists.alioth.debian.org/pipermail/pkg-apparmor-team/2017-October/001762.html
Indeed, with 4.14 I got my first Debian network (potential) denies (yay! :-D ):
type=AVC msg=audit(1507226290.361:585): apparmor="ALLOWED" operation="recvmsg" profile="/usr/sbin/avahi-daemon" pid=526
comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_
Package: thunderbird
Version: 1:60.0~b2-1
Severity: normal
Tags: upstream
User: pkg-apparmor-t...@lists.alioth.debian.org
Dear Maintainer,
AppArmor profile denies access to paths like
`/sys/devices/pci:00/:00:02.0/{vendor,device,uevent,...}`:
```
type=AVC msg=audit(1523552674.105:410): a
Woohoo!
What's next left, DBus?
On 4/20/18 11:45 AM, intrigeri wrote:
Linux v4.17-rc1 now supports basic socket mediation, which will allow
us to close this bug report:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56974a6fcfef69ee0825bd66ed13e92070ac5224
:)
Package: calibre
Version: 3.39.1+dfsg-3
Severity: normal
Tags: upstream
Dear Maintainer,
Recently I have update my Kobo Glo software to 4.14.12777 (5ef5fd856f,
5/3/19) and now Calibre shows this message:
```
calibre, version 3.39.1
WARNING: Failed: Kobo database version unsupported - See details
Package: src:linux
Version: 5.4.6-1
Severity: important
Dear Maintainer,
After today upgrades my network started to hang after maybe half an hour
of usage, already experienced two times today, gonna boot into older kernel for
now...
This is trace from kern.log:
```
Dec 29 09:56:24 vinco kernel:
Same with 5.4.8-1
Found similar issue in kernel mailing list:
https://lkml.org/lkml/2019/11/30/119
I don't know anything about these "jumbo frames" thought, but problem is
similar to my issue.
Disabling offloading helps as workaround, see:
https://lore.kernel.org/netdev/81548409-2fd3-9645-eeaf-ab8f7789b...@gmail.com/
Package: sysdig
Version: 0.13.0-2
Severity: important
Dear Maintainer,
I've started sysdig with this filter on some remote machine:
`sysdig "evt.category=file and evt.args contains .ttf"`
And it hanged after few seconds. I've reproduced this (though kern.log
has only junk) on my local laptop run
I've tried simple filter "evt.res=ENOACCESS", and it crashed once I've
started `cat` and hit "ctrl+c" on it. Crash on signal?
I fail to get valid kern.log entries during these crashes with my
local machine or virtual box, only that original server crash saved
normal kern.log lines with some crash
Package: virtualbox-qt
Version: 6.1.0-dfsg-1
Severity: important
Dear Maintainer,
After today upgrades, virtualbox-qt fails to start:
```
$ /usr/bin/VirtualBox
/usr/lib/virtualbox/VirtualBox: error while loading shared libraries:
UICommon.so: cannot open shared object file: No such file or dire
Package: ftp.debian.org
Severity: normal
openbve-data is data package for openbve, which is only available in
o-o-stable, while openbve-data is availabe througout releases and
available right now.
I believe it should be removed.
Package: clementine
Version: 1.4.0~rc1+dfsg-1
Severity: normal
Dear Maintainer,
Pressing Fn + Arrow keys (on Asus N551JM laptop) no longer
perform stop/pause-play/next/previous action. Looks like it
is coincidental with latest update on Sid.
-- System Information:
Debian Release: bullseye/sid
Package: munin-plugins-core
Version: 2.0.44-1~bpo9+1
Severity: normal
Dear Maintainer,
I have noticed that postgres_connections_* graphs started rendering zero
height graphs after upgrading munin from Streth Backports. This is
output example:
```
# munin-run postgres_connections_ALL
active.value
Package: qtox
Version: 1.16.3-1
Severity: wishlist
Tags: upstream
User: pkg-apparmor-t...@lists.alioth.debian.org
Usertags: new-profile
Dear Maintainer,
I'm happy to see that we now have qTox in Debian! Thanks to Maintainer!
It would be even cooler to have it confined with AppArmor. qTox
maintai
On 2019-01-04 14:05, Yangfl wrote:
I'd love to see any improvement in program quality. As you're willing
to create the AppArmor profile, I'd like to suggest you to directly
submit your changes to upstream; just open a pr in their github repo
https://github.com/qTox/qTox .
I have mixed feelings
I've started discussion in debian-i18n list, asking for guidance:
https://lists.debian.org/debian-i18n/2019/01/msg0.html
On 2019-01-05 14:33, intrigeri wrote:> Vincas Dargis:
intrigeri what's your take on this? Where should new profiles be
"placed"?
Having the policy live along with the software it confines, i.e.
in the upstream VCS, is ideal, as long as upstream somewhat cares
about it
Ye
https://github.com/qTox/qTox/issues/5484
On 2019-01-07 11:46, Yangfl wrote:
Hi,
Do you have such profile now? I'm preparing the last release for
buster. If so, please submit asap since the freezing is approaching.
No, I don't. I am not particularly targeting Buster, so feel free to release
whenever convenient.
I a planing to start
On 2019-01-07 13:30, Ian Jackson wrote:
Vincas, thanks for reporting this bug on the debian-i18n list.
I think it needs a much higher profile.
We already have AppArmor bug [0].
Intention of debian-i18n is to figure is it possible to "automate" translation upon
AppArmor/language installation.
Package: ejabberd
Version: 17.08-3
Severity: normal
Tags: patch
Dear Maintainer,
I have discovered number of DENIED messages produced by AppArmor, due to the
fact that I have `usrmerge` package installed, and some additional rules
missing:
```
type=AVC msg=audit(1512580362.337:361): apparmor="
Package: ejabberd
Version: 17.08-3
Severity: wishlist
User: pkg-apparmor-t...@lists.alioth.debian.org
Usertags: new-profile
Dear Maintainer,
I have seen call for help maintaining this package [0], and thought that one way
to help with that is by upstreaming AppAmror profile to `apparmor-profiles
Package: apparmor
Version: 2.11.1-4
Severity: wishlist
Dear Maintainer,
Currently `tunables/xdg-user-dirs` has only english versions of common
user directories:
```
@{XDG_DESKTOP_DIR}="Desktop"
@{XDG_DOWNLOAD_DIR}="Downloads"
@{XDG_TEMPLATES_DIR}="Templates"
...
```
This means that abstractions
On 2017-12-10 11:39, Philipp Huebner wrote:
Since Debian has ongoing experiment to have AppArmor enabled by default in
Buster, I believe
it would be usefull to have AppArmor profile made good enought to be enabled by
default for
this internet-facing daemon too. Maybe this suggestion could make
On 2017-12-07 21:58, Schofield, Eric James wrote:
Using the file above does allow thunderbird to open up on my system. Going through the file -> open steps produced the
following output in dmesg:
Thanks for testing!
[skipping STATUS entries...]
[Thu Dec 7 13:50:03 2017] audit: type=1400 audi
On 2017-12-07 21:58, Schofield, Eric James wrote:
(thunderbird:20247): Gtk-WARNING **: Attempting to read the recently used resources file at
'/home/e/.local/share/recently-used.xbel', but the parser failed: Failed to open file
“/home/e/.local/share/recently-used.xbel”: Permission denied.
This
Package: thunderbird
Version: 1:52.5.0-1~deb8u1
Severity: normal
Tags: upstream
User: pkg-apparmor-t...@lists.alioth.debian.org
Usertags: help-needed
Dear Maintainer,
I have tried to use latest upstream Thunderbird profile available in
Debin VCS-Git on Debian Jessie (where this profile will ship
On Wed, 13 Dec 2017 14:19:13 +0100 Joachim Wuttke
wrote:
> How did you draw the conclusion that this system
> hang was caused by deinstalling the apparmor package?
After the Grub chooser, on default boot mode, I got
a black text screen, then one line, saying that /dev/sdb1
was clean, then noth
On Wed, 13 Dec 2017 11:17:41 +0100 =?utf-8?B?RsOpbGl4?= Sipma
wrote:
I found the following lines in my logs:
Dec 13 11:03:05 kernel: audit: type=1400 audit(1513159385.786:224): apparmor="ALLOWED" operation="signal"
profile="/usr/sbin/dovecot" pid=30693 comm="dovecot" requested_mask="send" den
On 2017-12-14 19:21, Joachim Wuttke wrote:
Could you check what packages on your system have installed have shipped
AppArmor profile, and so maybe causing the issue, like this:
dpkg -S /etc/apparmor.d/
# dpkg -S /etc/apparmor.d/
apparmor-profiles-extra, apparmor: /etc/apparmor.d
Thanks, tho
Regarding denied access to `.config/pulse/*.conf` files, I proposed fix for
that upstream:
https://gitlab.com/apparmor/apparmor/merge_requests/38
Simon, could you take a look into my MR:
https://gitlab.com/apparmor/apparmor-profiles/merge_requests/6
Thanks!
Looks like it's still the case on Unstable. Just upgraded linux-image-4.19.0-5-amd64:amd64 4.19.37-4
and VBox'es failed to start with some NS.. error. Reinstalling -dkms fixes the issue.
Sure, I'll reproduce this on my XFCE VM and work on upstreaming.
On 2019-09-29 10:13, Carsten Schoenert wrote:
Hello Vincas,
I'm happy to add this patch, but this should also go upstream I guess.
The modification could alo get merged into the existing line for
exo-helper-1.
Could you please hav
Interesting, on Sid with XFCE 4.14, Thunderbird uses `gio-launch-desktop` for
some reason:
```
[pid 5664] execve("/usr/lib/x86_64-linux-gnu/glib-2.0/gio-launch-desktop",
["/usr/lib/x86_64-linux-gnu/glib-2"..., "/usr/lib/firefox-esr/firefox-esr",
"https://bugs.debian.org/882048";], 0x7f87f7e3a
On Wed, 05 Jun 2019 15:47:48 +0200 Nabile wrote:> (I am not sure if
Thunderbird mainly uses GTK2, which only reads from
~/.themes, but since I symlinked ~/.themes to ~/.local/share/themes, it works
on my configuration. For those who don't symlink ~/.themes, it may be necessary
to add a third whi
On Thu, 11 Apr 2019 09:20:01 +0200 Erwan David
wrote:
Same problem with a Huawei P9 Lite (2017)
My problems are fixed now with libmtp 1.1.16 on Sid. Does it work now for you
too?
Package: nvidia-detect
Version: 430.34-1
Severity: normal
Dear Maintainer,
Running `nvidia-detect` on Sid produces this output:
```
$ nvidia-detect
Detected NVIDIA GPUs:
01:00.0 3D controller [0302]: NVIDIA Corporation GM107M [GeForce GTX
860M] [10de:1392] (rev a2)
Checking card: NVIDIA Corpor
Package: nvidia-kernel-dkms
Version: 418.74-1
Severity: normal
Dear Maintainer,
After getting Linux 5.2, I've noticed that `optirun` stopped working:
```
rugp. 09 10:49:57 vinco bumblebeed[823]: modprobe: FATAL: Module nvidia-current
not found in directory /lib/modules/5.2.0-2-amd64
rugp. 09 10
Package: powertop
Version: 2.8-1+b2
Severity: normal
Dear Maintainer,
Just tried to run `powertop` (after Linux 5.2 upgrade, but not sure if it
worked for me before, ever used it):
```
$ sudo powertop
modprobe cpufreq_stats failedCannot load from file
/var/cache/powertop/saved_results.powertop
C
On Wed, 9 Jan 2019 23:44:56 +0100 Sebastian Andrzej Siewior
wrote:
> It appears this is somehow related to overlay or tmpfs
Try changing:
```
/usr/bin/freshclam {
```
Into:
```
/usr/bin/freshclam flags=(attach_disconnected) {
```
Package: src:vlc
Version: 3.0.6-0+deb9u1
Severity: normal
Dear Maintainer,
This is how I try to capture Desktop:
* Launh VLC
* Got to File -> Convert / Save -> Capture Devices
* Select Desktop, enter 10fps, click Convert / Save button
* Select Video - MPEG-2... (or different, doesn't matter)
* C
Package: apparmor
Version: 2.13.2-3
Severity: normal
Tags: upstream patch
Dear Maintainer,
After recent Mesa updates on Sid, new denies are produced by some
applicaitons:
```
type=AVC msg=audit(1547905564.212:523): apparmor="DENIED"
operation="open" profile="supertuxkart" name="/usr/share/drirc.
On Fri, 08 Mar 2019 09:13:55 +0100 intrigeri wrote:
What's the actual impact of this bug? Any user-visible problem?
Makes other profiles useless under their threat model?
nvidia_modprobed is used by LibreOffice profile - it includes `opencl-nvidia` for OpenCL features in
LibreOffice Calc, and
On Mon, 11 Mar 2019 18:02:54 -0700 Seth Arnold
wrote:
On Fri, Mar 08, 2019 at 06:57:14PM +0200, Vincas Dargis wrote:
> Since LibreOffice is in complain mode by default, so I doubt this issue
I strongly dislike the idea of shipping any profiles in complain mode. I
would rather the profiles
Any progress with this?
It would be pity to have this (visually) ugly bug frozen in Buster :/ .
I just tested on GNOME Sid, also cannot access smartphone via MTP:
Mar 17 10:52:41 debian-sid-gnome gvfsd[1241]: error returned by libusb_claim_interface() = -6LIBMTP
PANIC: Unable to initialize device
Mar 17 10:52:42 debian-sid-gnome gvfsd[1241]: Device 0 (VID=2a47 and PID=2008)
is a bq Krill
This is duplicate of https://bugs.debian.org/921688
Control: severity -1 serious
From electrum.org:
"Warning: Electrum versions older than 3.3 can no longer connect to public servers, and must be
upgraded."
Electrum in Debian no longer "syncs", servers does not provide information for this version. It's
unusable, unless you install older elec
Package: yakuake
Version: 19.08.0-1
Severity: normal
Dear Maintainer,
My ~/.bash_aliases contains:
```
$ cat ~/.bash_aliases
alias rbitcoind="bitcoind -datadir=/home/vincas/.bitcoin_regtest"
alias rbcli="bitcoin-cli -datadir=/home/vincas/.bitcoin_regtest"
```
But if I run any of these alias-co
After some testing, I doubt this has anything to do with yakuake.
My `yakuake` profile starts `tmux` (/bin/bash -c tmux), and if I don't it works fine. If I start
`tmux` in Konsole, I get same issue...
So it's `tmux` that ignores .bash_aliases..?
On Fri, 9 Aug 2019 17:13:32 +0200 Karsten wrote:
Now i tried to add the alternate home-directory to the configuration.
>...
I restarted the service apparmor and then
# aa-complain thunderbird
ERROR: Values added to a non-existing variable @{HOMEDIRS}: /srv/ssd3/home/ in
tunables/home.d/site.
On 2019-01-27 15:57, intrigeri wrote:
Control: tag -1 + pending
Vincas Dargis:
MR is prepared:
https://gitlab.com/apparmor/apparmor/merge_requests/308
Thanks, cherry-picked.
I'm sorry, but relevant update is in flight:
https://gitlab.com/apparmor/apparmor/merge_requests/314
Package: apparmor
Version: 2.13.2-6
Severity: minor
Tags: upstream
Dear Maintainer,
After recent updates on Sid, multiple GUI applications (like
Thunderbird, Firefox, qTox) on KDE are hit by these kind of denies:
```
type=AVC msg=audit(1548784946.545:1896): apparmor="DENIED"
operation="open" pro
Package: ntp
Version: 1:4.2.8p10+dfsg-3+deb9u2
Severity: normal
Dear Maintainer,
logcheck sent me email with this kernel log message:
```
Jan 30 04:10:18 hostname kernel: [1188466.407270] ntp_80.241.208.[30453]:
segfault at 4000 ip 7f9cf2803676 sp 7ffd82efab38 error 4 in
libc-2.24.so[7
On 2019-01-30 23:42, Bernhard Übelacker wrote:
And I am just curious, but this "0x2f9b8" are just the "195000" from
the kernel log line? I am not sure, but would here not make
0x7f9cf2783000 - 0x7f9cf2803676 = 0x80676 more sense?
Maybe, not gonna debate, I'm not the expert here, simply did quic
On 2019-01-31 11:24, intrigeri wrote:> I can't reproduce this.
I can't reproduce this on my Sid Gnome/KDE VM's too :/
I see that you have modified a few tunables files locally.
I wonder if this affects how @{user_share_dirs} is used.
Can you please retry with a pristine config?
I've cleaned u
Package: kdepim-runtime
Version: 4:18.08.1-1
Severity: normal
Dear Maintainer,
After today upgrades, just after loggin in into KDE desktop, I get
notification about akonadi_akonotes_resouce crash. Restarting makes it
crash again. Here's the details:
```
Application: akonadi_akonotes_resource (ak
Package: smartmontools
Version: 6.5+svn4324-1
Severity: wishlist
Tags: upstream
Dear Maintainer,
Using Areca official proprietary `cli64` [0] utility to check
raidset/volume status (used by Nagios/Icinga monitoring tools) produces
"conflict" with `smartctl`. Munin and smartd monitoring fails at
On Sun, 23 Dec 2018 19:15:27 +0100 Michael Biebl wrote:
For a (temporary) workaround you can create a file
/etc/security/limits.d/systemd.conf containing:
* hard nofile 524288
That did the trick, thanks!
Package: libreoffice-common
Version: 1:7.3.0~rc2-2
Severity: normal
Tags: upstream
Dear Maintainer,
Looks like bug #905442 is back. We need rule with eight (and more) question
marks:
type=AVC msg=audit(1642615553.674:2636): apparmor="DENIED"
operation="mknod" profile="libreoffice-soffice"
name="
I've upgraded some machines to Bullseye, and logcheck.service started to fail:
```
Feb 07 00:00:01 hostname systemd[1]: Starting Rotate log files...
Feb 07 00:00:02 hostname logrotate[2138903]: error: iptraf-ng:2
duplicate log entry for /var/log/iptraf/*.log
Feb 07 00:00:02 hostname logrotate[2138
Package: bitcoind
Version: 22.0-1
Severity: grave
Justification: renders package unusable
Dear Maintainer,
Since 2021-10-12 bitcoind fails to start on my machine:
```
# fgrep leveldb /var/log/syslog
Oct 12 20:00:34 vinco bitcoind[1103]: /usr/bin/bitcoind: symbol lookup error:
/usr/bin/bitcoind:
Package: libtoxcore2
Version: 0.2.12-1+b1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
Dear Maintainer,
libtoxcore has CVE-2021-44847:
https://blog.tox.chat/2021/12/stack-based-buffer-overflow-vulnerability-in-udp-packet-handling-i
And what about Bullseye? Will there be security release for Debian stable?
I cannot reproduces this because remounting to produces "mount: /: mount point is
busy." error.
Sadly, `PRIMUS_UPLOAD=1 primusrun glxgears` does not work any more, also
segfaults:
Thread 2 "glxgears" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f3a8041c700 (LWP 12698)]
0x7f3a8152b2ef in do_blit_drawpixels (pixels=0x0, unpack=0x7f3a78150598, type=5121,
format=32
Control: fixed -1 18.1.6-1
It started working with 18.1.6-1 update!
Why is this bug marked as Done?
Issue still persists with 4.17.0-2-amd64 on ASUS N551JM laptop.
If users (upgrading from Strech) are expected to execute these workarounds, maybe there should be
NEWS entry of some sort?
On Mon, 20 Aug 2018 15:16:52 -0700 Vagrant Cascadian wrote:
One "armmp-lpae" system appears to have successfully booted, but gets
many kernel messages along these lines:
[ 78.638348] INFO: rcu_sched detected stalls on CPUs/tasks:
[ 78.642433] 0-...: (0 ticks this GP) idle=29c/0/0 softirq=1
On 8/22/18 7:35 AM, Salvatore Bonaccorso wrote:
armhf packages:
https://people.debian.org/~carnil/tmp/linux/armhf/
armmp-lpae works fine on Odroid-HC1 SBC (Samsung Exynos5422 ARM® Cortex™-A15 Quad 2.0GHz/Cortex™-A7
Quad 1.4GHz)
On Sun, 26 Aug 2018 10:58:50 +0200 Kamil Jonca wrote:
After last upgrade of apparmor, soffice command end with error, and in log we
can see:
audit: type=1400 audit(1535272402.067:422): apparmor="ALLOWED" operation="exec" info="profile transition not found" error=-
On 9/7/18 5:55 PM, Carsten Schoenert wrote:
Hello Vincas, hello Simon,
seems this is the first report against TB 60 related to AppArmor. ;)
Can have please a look on this?
(Including the needed BTS tagging)
Yep just noticed this too, probably the core issue is denying to launch:
/usr/lib/x86
On Fri, 9 Nov 2018 14:25:12 +0100 Jakub Wilk wrote> It's
still reproducible for me:
$ strace -o '| grep -w EACCES' /usr/lib/firefox-esr/firefox-bin
...
openat(AT_FDCWD, "/usr/share/fonts/truetype/mononoki/.uuid.TMP-lrzetE",
O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 0600) = -1 EACCES (Permi
I am removing variable usage in Thunderbird profile name:
https://gitlab.com/apparmor/apparmor-profiles/merge_requests/31
https://salsa.debian.org/mozilla-team/thunderbird/merge_requests/2
Package: munin-node
Version: 2.0.42-5~bpo9+1
Severity: minor
Dear Maintainer,
After upgrading to 2.0.42-5 from backports, logcheck on multiple Stretch
machines started to capture this new message:
```
Nov 14 22:25:04 dl380 systemd-tmpfiles[13769]:
[/usr/lib/tmpfiles.d/munin-node.conf:2] Duplica
This is the content of file:
```
# cat /usr/lib/tmpfiles.d/munin-node.conf
# keep in sync with debian/munin.munin-(node|async).init (non-systemd)
d /run/munin 0755 munin munin
d /var/log/munin 0755 munin adm
```
On Wed, 24 Oct 2018 01:14:54 +0200 Lars Kruse wrote:
Could you please check whether reverting the changes introduced with
https://github.com/munin-monitoring/munin/commit/d7e138176e9a09b883031544e523e33e5ef9238b
would fix this issue for you?
Yes, commenting out "paramdatabase" line in _locks p
Control: tags -1 +patch
Control: forwarded -1 https://gitlab.com/apparmor/apparmor/merge_requests/62
On Wed, 19 Sep 2018 19:10:48 +0200 intrigeri wrote:
> It appears that Thunderbird now needs access to /etc/ld.so.conf on
> Stretch, while AppArmor profile does not allow that:
What's the practi
On Mon, 29 Oct 2018 20:32:21 +0200 Vincas Dargis wrote:
Looks like I've already fixed it some time ago:
Although, that's only for latest AppArmor, meanwhile it will not help for Debian Stable releases. On
the over hand, maybe deny is introduced by some newer library, which is only
intrigeri, what is rationale for upping it to "normal"?
Maybe you would like/expect to have it in Buster? Maybe some one plans to upstream Ubuntu profile,
etc. :)
I would really like to have it, but looking at Thunderbird experience, we kinda lack abstractions
for launching almost arbitrary
On 2018-10-30 20:59, intrigeri wrote:
Vincas Dargis:
intrigeri, what is rationale for upping it to "normal"?
What do you mean? Today I merely tagged this bug "upstream".
Oh, sorry, right, it was changed from wishlist to normal in "Sun, 29 Oct 2017 11:21:06 GMT&q
This deny does reproduce on Stretch too, but not on Jessie.
I guess I could just provide backport for Salsa repository for Stretch, as it is irrelevant for
Buster or any new release, as it's fixed in newer AppArmor itself.
Control: fixed -1 2.13.1-2
I cannot reproduce this any more, thanks!
We have now mesa abstraction in Buster that fixes this bug... but so what? I guess I'll have to add
yet another [0] backport to upstream profile because it exists not only for Buster...
I am thinking to propose LibreOffice upstream to split profile into apparmor-x.yz directories to
match polici
Ping?
301 - 400 of 471 matches
Mail list logo