Thanks for the check David. It intentionally runs under the same confinement as gpsd does to not break out too easily. You can modify you local allowance in: /etc/apparmor.d/local/usr.sbin.gpsd
That file is intended to take whatever you want to custom-change in the apparmor rules for gpsd. It will survive upgrades and will effectively be included by the packaged profile. So we can fix the bug reported here by the upload that I have prepared. I'll go on with the fix ... P.S. I'm still concerned about the operation="ptrace" peer="unconfined", but would need a functional issue due to those being blocked to open them up. Preferably then more fine grained than "all of them". If you happen to find what exactly triggers those and what might be missing due to that please let me know in a new bug. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1868363 Title: /etc/gpsd/device-hook not actually called To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gpsd/+bug/1868363/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
