Package: apparmor Version: 2.13.2-3 Severity: normal Tags: upstream patch Dear Maintainer,
After recent Mesa updates on Sid, new denies are produced by some applicaitons: ``` type=AVC msg=audit(1547905564.212:523): apparmor="DENIED" operation="open" profile="supertuxkart" name="/usr/share/drirc.d/" pid=15740 comm="supertuxkart" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 ``` ``` type=AVC msg=audit(1547905896.307:548): apparmor="DENIED" operation="open" profile="supertuxkart" name="/usr/share/drirc.d/00-mesa-defaults.conf" pid=15963 c omm="supertuxkart" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 ``` MR is prepared: https://gitlab.com/apparmor/apparmor/merge_requests/308 I hope this gets into Buster. I guess these kind of fixes are allowd until final freeze, or even later? -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=lt_LT.UTF-8, LC_CTYPE=lt_LT.UTF-8 (charmap=UTF-8), LANGUAGE=lt (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages apparmor depends on: ii debconf [debconf-2.0] 1.5.70 ii libc6 2.28-5 ii lsb-base 10.2018112800 ii python3 3.7.2-1 apparmor recommends no packages. Versions of packages apparmor suggests: ii apparmor-profiles-extra 1.24 ii apparmor-utils 2.13.2-3 -- Configuration Files: /etc/apparmor.d/abstractions/audio changed [not included] /etc/apparmor.d/abstractions/fonts changed [not included] /etc/apparmor.d/abstractions/kde changed [not included] /etc/apparmor.d/abstractions/mesa changed [not included] /etc/apparmor.d/abstractions/ubuntu-email changed [not included] /etc/apparmor.d/tunables/kernelvars changed [not included] /etc/apparmor.d/tunables/securityfs changed [not included] /etc/apparmor.d/tunables/sys changed [not included] -- debconf information excluded