From: David Runge firstname.lastname@example.org Sent: Sat Sep 22 17:43:51 CEST 2018 To: Geo Kozey email@example.com Cc: General Discussion about Arch Linux firstname.lastname@example.org Subject: Re: [arch-general] AppArmor support
On 2018-09-22 15:13:20 (+0200), Geo Kozey wrote:
After  sed rules are applied to all apparmor config files, not just profiles which results in unwanted errors:
configparser.DuplicateOptionError: While reading from '/etc/apparmor/logprof.conf' [line 47]: option '/usr/bin/bash' in section 'qualifiers' already exists
You should limit it to profiles only as it was before.
Thanks for the info! That was indeed a problem, but not because of the profile modifications. I did way too broad replacements in logprof.conf, that led to the duplicate entries you are experiencing (as there are entries for /bin and /usr/bin for most binaries).
I have now fixed this in 2.13.0-6 (by carefully only replacing the use of sbin where needed). Please let me know, if this works as intended for you!
It's almost there ;)
'/usr/bin/subdomain_parser' under [qualifiers] is still duplicated.
I'm not sure if 'apparmor_parser' and 'subdomain_parser' under [settings] have to be modified. IMO they should work as symlinks too.
BTW: users transition from AUR may be complicated as now apparmor package will contain files available in apparmor-* split packages before. Maybe you have to add 'replaces=' for split packages.