Hello,

maybe you already heard that some distributions (at least Fedora and 
openSUSE) are going to move binaries from /bin/ to /usr/bin/ (and create 
a compatibility symlink in /bin/).

If that's new to you, have a look at
http://en.opensuse.org/openSUSE:Usr_merge
http://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge

As a side effect, existing profiles like bin.ping won't protect ping 
after it has been moved to /usr/bin.

From the binaries with a default profile, this affects /bin/ping. 
The various sbin.* will probably follow one day (they were not moved 
yet, therefore I don't include them in the patch for now).


Long story short, here's the patch:

=== modified file 'profiles/apparmor.d/bin.ping'
--- profiles/apparmor.d/bin.ping        2010-08-05 19:00:02 +0000
+++ profiles/apparmor.d/bin.ping        2012-07-01 11:05:38 +0000
@@ -10,7 +10,7 @@
 # ------------------------------------------------------------------
 
 #include <tunables/global>
-/bin/ping {
+/{usr/,}bin/ping {
   #include <abstractions/base>
   #include <abstractions/consoles>
   #include <abstractions/nameservice>
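
Review bot: the header line "+/{usr/,}bin/ping {" is the only path changed in this hunk, so any rule in the profile body that names /bin/ping literally (the body is outside the visible lines) would still match only the old location. Please check the rest of bin.ping and use the same /{usr/,}bin/ping alternation wherever the binary's own path appears. A one-line comment above the header noting that the alternation covers the /usr merge would also tell later readers why both paths are listed.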


Regards,

Christian Boltz
-- 
An expert is a person who is called in at the last minute
in order to have someone to share the blame.


-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor
