[pkg-apparmor] Bug#656451: Bug#656451: apparmor-profiles: unowned files after purge (policy 6.8, 10.8)
Jamie Strandboge
jamie at ubuntu.com
Tue Jun 9 14:47:44 UTC 2015
On 06/08/2015 05:34 PM, Felix Geyer wrote:
> Hi,
>
> On 09.06.2015 00:13, Andreas Beckmann wrote:
>> Followup-For: Bug #656451
>>
>> Looks like the unowned files have returned:
>>
>> 0m47.7s ERROR: FAIL: Package purging left files on system:
>> /etc/apparmor.d/local/bin.ping not owned
>> /etc/apparmor.d/local/sbin.klogd not owned
>> /etc/apparmor.d/local/sbin.syslog-ng not owned
>> [...]
>
> debian/rules calls /usr/bin/dh_apparmor if it exists.
> Since it doesn't build-depend on itself this is not the case in a minimal build environment.
>
> It should be possible to call the dh_apparmor from the source tree by setting
> DH_AUTOSCRIPTDIR to debian/debhelper/.
>
>
> More generally is there a good reason why dh_apparmor creates the
> /etc/apparmor.d/local/<profile> files in postinst instead of installing
> them as regular conffiles?
> That way we'd get the file removal handling for free.
>
We don't want them handled as conffiles because we don't want prompts on
upgrades. These are site-specific files and the idea is create it if it doesn't
exist and then leave it alone thereafter (this way the admin can modify this
file rather than the profile in /etc/apparmor.d, which is a conffile). That
said, purge should remove them and if it doesn't it should be fixed.
--
Jamie Strandboge | http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-apparmor-team/attachments/20150609/7980cb3c/attachment.sig>
More information about the pkg-apparmor-team
mailing list