On Thu, Jan 06, 2022 at 08:38:32PM +0100, Christian Boltz wrote:
> Am Mittwoch, 5. Januar 2022, 23:09:01 CET schrieb Karsten Hilbert:
> > Unless I misunderstand apparmor profile logic it is not
> > purely cosmetic. It excludes "/home/*/" from @{HOME}.
>
> That's the difference between a human
Hello,
Am Mittwoch, 5. Januar 2022, 23:09:01 CET schrieb Karsten Hilbert:
> Unless I misunderstand apparmor profile logic it is not
> purely cosmetic. It excludes "/home/*/" from @{HOME}.
That's the difference between a human parser (you) and apparmor_parser
;-) - you think of the profile as
Am Wed, Jan 05, 2022 at 09:13:12PM +0100 schrieb Christian Boltz:
> AppArmor rules are in most cases declarative so that the order doesn't
> matter (exception: before you can extend a variable with "+=" you have
> to initialize it with "=").
>
> The current definition is technically not a bug,
Hello,
AppArmor rules are in most cases declarative so that the order doesn't
matter (exception: before you can extend a variable with "+=" you have
to initialize it with "=").
The current definition is technically not a bug, "just" confusing.
However, I agree that defining @{HOMEDIRS} before
Package: apparmor
Version: 2.13.6-10
Severity: important
Dear Maintainers,
there seems to be a order-logic bug in
/etc/apparmor.d/tunables/home
That profile defines @{HOME} first:
@{HOME}=@{HOMEDIRS}/*/ /root/
and *later* defines @{HOMEDIRS}:
@{HOMEDIRS}=/home/
It
5 matches
Mail list logo
