Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#68417 - [firejail] upgrading firejail overwrites modifications in /etc/apparmor.d/local/firejail-default
Attached to Project:
Community Packages
Opened by Jan Sonntag (jmetrius) - Sunday, 25 October 2020, 20:26 GMT
Last edited by Sergej Pupykin (sergej) - Tuesday, 27 October 2020, 23:36 GMT
Opened by Jan Sonntag (jmetrius) - Sunday, 25 October 2020, 20:26 GMT
Last edited by Sergej Pupykin (sergej) - Tuesday, 27 October 2020, 23:36 GMT
|
DetailsDescription:
When upgrading firejail or reinstalling the package using pacman -S, custom changes to /etc/apparmor.d/local/firejail-default are overwritten with an empty profile. Changes in this location are supposed to be stable between updates and not be interfered with by package managers (see: https://gitlab.com/apparmor/apparmor/-/blob/master/profiles/apparmor.d/local/README) Steps to reproduce: 1. Modify /etc/apparmor.d/local/firejail-default 2. Reinstall the package using pacman -S firejail 3. Check /etc/apparmor.d/local/firejail-default -> custom changes are lost Solution: Don't install the file, if it already exists. |
This task depends upon
Closed by Sergej Pupykin (sergej)
Tuesday, 27 October 2020, 23:36 GMT
Reason for closing: Fixed
Additional comments about closing: Replaced with 'etc/apparmor.d/local/firejail-defa ult' in backup array.
Tuesday, 27 October 2020, 23:36 GMT
Reason for closing: Fixed
Additional comments about closing: Replaced with 'etc/apparmor.d/local/firejail-defa ult' in backup array.
This is the check, that upstream does to decide if the local/firejail-default file is to be installed (Makefile.in):
# install apparmor profile customization file
sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/apparmor.d/local/firejail-default ]; then install -c -m 0644 etc/apparmor/firejail-local $(DESTDIR)/$(sysconfdir)/apparmor.d/local/firejail-default; fi;
So they don't reinstall the file if it exists, but I why that doesn't work in the context of Arch packages