Package: release.debian.org Severity: normal Tags: bullseye User: release.debian....@packages.debian.org Usertags: pu
Hi, I would like to update the AppArmor profile for tcpdump in bullseye to match the one in bookworm; the changes don't really qualify for a stable update per se, but they are trivial and would be important quality-of-life improvements for users who are not knowledgeable about AppArmor and don't understand why they get -EPERM in some cases. The update would fix the following bugs (both "normal"): * "AppArmor grants access to *.pcap but not *.cap" https://bugs.debian.org/989433 * "apparmor profile prevents -C -W" https://bugs.debian.org/1010688 Full debdiff is attached. Thanks.
diffstat for tcpdump-4.99.0 tcpdump-4.99.0 changelog | 8 ++++++++ usr.bin.tcpdump | 4 ++++ 2 files changed, 12 insertions(+) diff -Nru tcpdump-4.99.0/debian/changelog tcpdump-4.99.0/debian/changelog --- tcpdump-4.99.0/debian/changelog 2021-01-15 23:41:47.000000000 +0100 +++ tcpdump-4.99.0/debian/changelog 2022-05-22 18:22:50.000000000 +0200 @@ -1,3 +1,11 @@ +tcpdump (4.99.0-2+deb11u1) bullseye; urgency=medium + + * Minor AppArmor profile updates (debian/usr.bin.tcpdump): + + Grant access to *.cap (closes: #989433). + + Account for numerical suffix in filenames added by -W (closes: #1010688). + + -- Romain Francoise <rfranco...@debian.org> Sun, 22 May 2022 18:22:50 +0200 + tcpdump (4.99.0-2) unstable; urgency=medium * Add autopkgtest support, running the upstream test suite. diff -Nru tcpdump-4.99.0/debian/usr.bin.tcpdump tcpdump-4.99.0/debian/usr.bin.tcpdump --- tcpdump-4.99.0/debian/usr.bin.tcpdump 2021-01-03 21:25:50.000000000 +0100 +++ tcpdump-4.99.0/debian/usr.bin.tcpdump 2022-05-22 18:19:03.000000000 +0200 @@ -54,6 +54,10 @@ # for -r, -F and -w /**.[pP][cC][aA][pP] rw, + /**.[cC][aA][pP] rw, + # -W adds a numerical suffix + /**.[pP][cC][aA][pP][0-9]* rw, + /**.[cC][aA][pP][0-9]* rw, # for convenience with -r (ie, read pcap files from other sources) /var/log/snort/*log* r,
