Public bug reported: [SRU] https://bugs.launchpad.net/ubuntu/+source/tellico/+bug/2120284
[ Impact ] * AppArmor profile for 'tellico' misformatted, which causes: - Profile fails to load on package installation. - AppArmor cannot be restarted (profiles cannot be reloaded because of the faulty profile installed by tellico). * The suggested upload [1] includes a simple fix to the profile. [ Test Plan ] * Install 'tellico' (4.1.1-1ubuntu2) on Plucky (or 4.1.3-1ubuntu1 on Questing): $ sudo apt update $ sudo apt install tellico [snip] Preparing to unpack .../tellico_4.1.1-1ubuntu2_amd64.deb ... Unpacking tellico (4.1.1-1ubuntu2) ... Setting up tellico (4.1.1-1ubuntu2) ... AppArmor parser error for /etc/apparmor.d/usr.bin.tellico in profile /etc/apparmor.d/usr.bin.tellico at line 33: syntax error, unexpected TOK_ID, expecting TOK_MODE * Try to restart AppArmor: $ sudo systemctl restart apparmor Job for apparmor.service failed because the control process exited with error code. See "systemctl status apparmor.service" and "journalctl -xeu apparmor.service" for details. $ sudo systemctl status apparmor.service [snip] Oct 08 06:32:19 telltest2504 systemd[1]: Starting apparmor.service - Load AppArmor profiles... Oct 08 06:32:19 telltest2504 apparmor.systemd[7795]: Restarting AppArmor Oct 08 06:32:19 telltest2504 apparmor.systemd[7795]: Reloading AppArmor profiles Oct 08 06:32:20 telltest2504 apparmor.systemd[7934]: AppArmor parser error for /etc/apparmor.d in profile /etc/apparmor.d/usr.bin.tellico at line 33: syntax error, unexpected TOK> Oct 08 06:32:20 telltest2504 apparmor.systemd[7795]: Error: At least one profile failed to load Oct 08 06:32:20 telltest2504 systemd[1]: apparmor.service: Main process exited, code=exited, status=1/FAILURE Oct 08 06:32:20 telltest2504 systemd[1]: apparmor.service: Failed with result 'exit-code'. Oct 08 06:32:20 telltest2504 systemd[1]: Failed to start apparmor.service - Load AppArmor profiles. * Modifying the AppArmor profile as suggested in the linked bug [0], as well as in the prepared MP [2] against ubuntu/devel, fixes the problem: tellico installs, and AppArmor can (re)load all profiles as expected. [ Where problems could occur ] * A faulty AppArmor profile (that can be loaded and allows the app to run) could introduce a security problem. Given that the suggested fix does not modify the access control (i.e. does not add, remove, or change defined rules) and only fixes syntax, I believe this potential problem does not apply in this case. [ Other Info ] * Tested with the same results (both the bug and the fix) on Plucky and Questing. * PPA with the fix for testing purposes is at [3]. * The package has no autopkgtests, so not reporting on that. * Devel is not yet open, so the package can't be fixed there, but an MP with a proposed fix is opened against ubuntu/devel, ready to be merged when devel becomes available [2]. I hope this satisfies the exception to "Development release fixed first": "stable release updates should not and do not need to wait for the development release to open, as long as the development release upload is prepared and ready" [4] [0] https://bugs.launchpad.net/ubuntu/+source/tellico/+bug/2120284 [1] https://code.launchpad.net/~rkratky/ubuntu/+source/tellico/+git/tellico/+merge/494043 [2] https://code.launchpad.net/~rkratky/ubuntu/+source/tellico/+git/tellico/+merge/493972 [3] https://launchpad.net/~rkratky/+archive/ubuntu/tellico-fix-lp2120284-apparmor [4] https://documentation.ubuntu.com/sru/en/latest/explanation/further-requirements/#explanation-devel-first ** Affects: tellico (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2127059 Title: [SRU] Tellico AppArmor profile fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tellico/+bug/2127059/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
