Good suggestion Andreas, I've updated the PR with a supplemental
/etc/apparmor.d/tunables/coreutils file that designates this macro. If
that's the desired approach go for it!
Tested successfully on previously failing kvm questing with wireguard
setup.
cat > coreutils <<EOF
# Provide aliases for multiple binary paths for usr tools.
# There is package differentation between gnu-coreutils and rust-coreutils
# which involves a symlink at the original /usr/bin/<tool> basename to targets
# /usr/bin/gnu<tool> or /usr/lib/cargo/bin/coreutils/<tool>
@{coreutilspath}=/{usr/,}{bin/,bin/gnu,lib/cargo/bin/coreutils/}
include if exists <tunables/coreutils.d>
EOF
cp coreutils /etc/apparmor.d/tunables/coreutils
cp wg-quick /etc/apparmor.d/wg-quick
systemctl restart wg-quick@wg0
echo $?
0
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2123870
Title:
apparmor wg-quick profile incompatible with gnu-coreutils symlinked
binaries
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2123870/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
