tunables/global doesn't include all defined variables
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apparmor (Ubuntu) |
Invalid
|
Low
|
Unassigned | ||
Bug Description
The comment at the top of tunables/global says:
# All the tunables definitions that should be available to every profile
# should be included here
But not all defined variables are included:
$ grep include global
# should be included here
#include <tunables/home>
#include <tunables/
#include <tunables/proc>
#include <tunables/alias>
#include <tunables/
#include <tunables/
vs
$ ls -1
alias
apparmorfs
dovecot
global
home
home.d
kernelvars
multiarch
multiarch.d
ntpd
proc
securityfs
sys
xdg-user-dirs
xdg-user-dirs.d
Thanks
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: apparmor 2.8.95~
ProcVersionSign
Uname: Linux 3.13.0-40-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.6
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Dec 5 17:21:51 2014
InstallationDate: Installed on 2012-10-18 (778 days ago)
InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1)
ProcKernelCmdline: BOOT_IMAGE=
SourcePackage: apparmor
Syslog:
UpgradeStatus: Upgraded to trusty on 2014-04-12 (238 days ago)
modified.
mtime.conffile.
| Seth Arnold (seth-arnold) wrote | #1 |
| intrigeri (intrigeri) wrote | #2 |
| Mathew Hodson (mhodson) wrote | #3 |
| Changed in apparmor (Ubuntu): | |
| importance: | Undecided → Low |
| status: | New → Invalid |
I'm not sure I get what's the problem: what exact variable (or tunable file containing variables) do you think should be made available "to every profile", and is currently not?
My understanding of this comment (as a non-native English speaker) is that there is a possibility that some tunables (e.g. the dovecot and ntpd ones) are not globals, don't need to be made available to every profile, and thus should not be included in tunables/global. It makes sense to me from a design PoV, and also from a profile author PoV. Did I miss anything?