Am Wed, Jan 05, 2022 at 09:13:12PM +0100 schrieb Christian Boltz:
> AppArmor rules are in most cases declarative so that the order doesn't
> matter (exception: before you can extend a variable with "+=" you have
> to initialize it with "=").
>
> The current definition is technically not a bug, "just" confusing.
I agree it is not *technically* a bug.
> However, I agree that defining @{HOMEDIRS} before using it would make
> sense to make it less confusing for human parsers ;-)
Nevertheless, intent-wise it is because it also makes @{HOME}
not include anything from /home/ because @{HOMEDIRS} is
undefined when @{HOME} is set up ?
> Since the change is more cosmetic,
Unless I misunderstand apparmor profile logic it is not
purely cosmetic. It excludes "/home/*/" from @{HOME}.
Karsten
--
GPG 40BE 5B0E C98E 1713 AFA6 5BC0 3BEA AC80 7D4F C89B
