Package: gpsd Version: 3.25-4+b2 Severity: normal gpsd uses the system() call to execute "/etc/gpsd/device-hook" (if it exists) the system() calls /bin/sh to process the command, which resolves to /usr/bin/dash on Debian system the /etc/apparmor.d/usr.sbin.gpsd does not contain an entry for /usr/bin/dash (just /bin/dash), therefore the execution fails with following error messages:
audit[857267]: AVC apparmor="DENIED" operation="exec" profile="/usr/sbin/gpsd" name="/usr/bin/dash" pid=857267 comm="gpsd" requested_mask="x" denied_mask="x" fsuid=127 ouid=0 gpsd[854708]: gpsd:INFO: running /etc/gpsd/device-hook /dev/ttyUSB1 ACTIVATE gpsd[854708]: gpsd:INFO: /etc/gpsd/device-hook returned 127 Possible fix: add the "/usr/bin/dash rix," entry to /etc/apparmor.d/usr.sbin.gpsd -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-30-amd64 (SMP w/12 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect Versions of packages gpsd depends on: ii adduser 3.137 ii libbluetooth3 5.79-1 ii libc6 2.40-5 ii libdbus-1-3 1.16.0-1 ii libgps30t64 3.25-4+b2 ii libusb-1.0-0 2:1.0.27-1+b1 ii netbase 6.4 ii python3 3.12.8-1 Versions of packages gpsd recommends: ii gpsd-tools 3.25-4+b2 ii udev 257.2-1 Versions of packages gpsd suggests: pn apparmor <none> ii dbus 1.16.0-1 pn gpsd-clients <none> -- Configuration Files: /etc/default/gpsd changed [not included] -- no debconf information
