[Pkg-xfce-devel] Bug#747252: Bug#747252: Bug#747252: Bug#747252: lightdm: AppArmor parser error in /etc/apparmor.d/abstractions/lightdm_chromium-browser

intrigeri intrigeri at debian.org
Thu Jun 5 14:04:01 UTC 2014


Yves-Alexis Perez wrote (05 Jun 2014 09:32:52 GMT) :
> It'd help if the original reporter could state its expectations.

I agree.

tl;dr: dropping this profile from the lightdm package would address
*my* expectations just fine, ease the work to improve Debian's
AppArmor support, and make Debian+AppArmor user experience smoother.
Please do it, or ask for a patch. Thanks :)

As someone working on improving AppArmor support in Debian, my
personal expectation wrt. this bug is to avoid creating the situation
where Debian users, who dared enabling AppArmor, are used to more or
less always see the `apparmor' service in failed state, because oh
well, there's always something that doesn't parse somewhere, but
nothing particularly critical.

Because when "broken state" is the norm, then it's hard to notice when
there's a real problem. And then, users (including me!) can't be
bothered to look at what failed to parse, let alone to file bug
reports, and then we release with bugs.

To avoid that the case at hand contributes to creating the painful
situation I've described above, we should either hack the profile so
that it parses fine (gave it a try today, doesn't seem trivial, not
worth the effort), or drop it.

If the information I read is correct, this profile brings absolutely
no security improvement, so I suggest to simply stop shipping it.

  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc

More information about the Pkg-xfce-devel mailing list