Ubuntu
apparmor package

#include files should be in apparmor itself

Bug #130114 reported by Martin Pitt
4
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
Fix Released
Medium
Mathias Gug
Ubuntu tribe-4

Bug Description

Binary package hint: apparmor

Right now /etc/apparmor.d/abstractions/ and tunables/ are shipped in apparmor-profiles. However, since that one is in universe, we do not install it by default and thus the include files are not available by default.

However, they should be: they make writing profiles much easier and more modular, and admins who install custom profiles should have them available.

This would also make it possible for packages like cupsys to ship their own AA profiles. Right now this fails because it cannot find the #includes.

Revision history for this message
Mathias Gug (mathiaz) wrote :

I've updated my branch to move abstractions/ and tunables/ in apparmor package.

Changed in apparmor:
assignee: nobody → mathiaz
importance: Undecided → Medium
status: New → In Progress
Revision history for this message
Sarah Kowalik (hobbsee-deactivatedaccount) wrote :

I think i'm getting this too - on upgrading today:

Setting up cupsys-common (1.2.12-1ubuntu3) ...
Setting up cupsys (1.2.12-1ubuntu3) ...
Reloading AppArmor profiles Error: #include <tunables/global> not found at line 5 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/base> not found at line 8 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/bash> not found at line 9 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/dbus> not found at line 10 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/fonts> not found at line 11 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/nameservice> not found at line 12 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/perl> not found at line 13 in /etc/apparmor.d/usr.sbin.cupsd.
Error: #include <abstractions/user-tmp> not found at line 14 in /etc/apparmor.d/usr.sbin.cupsd.
 Profile /etc/apparmor.d/usr.sbin.cupsd failed to load
: Failed.
invoke-rc.d: initscript apparmor, action "force-reload" failed.
 * Starting Common Unix Printing System: cupsd [ OK ]

Revision history for this message
Martin Pitt (pitti) wrote :

Let's get this cleaned up for the Tribe. Mathias, shall I sponsor you?

Revision history for this message
Mathias Gug (mathiaz) wrote :

apparmor (2.0.1+510.dfsg-0ubuntu25) gutsy; urgency=low

  * debian/rules: move tunables/ and abstractions/ in apparmor package.
    Fixes LP: #130114.

 -- Mathias Gug <email address hidden> Mon, 06 Aug 2007 14:40:37 -0400

Changed in apparmor:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.