Dear Rene!
Jak podają anonimowe źródła, przepowiedziano, że Rene Engelhard napisze: > Hi again, > > Am 25.02.25 um 06:19 schrieb Rene Engelhard: > > Am 24.02.25 um 23:25 schrieb Jacek Kawa: > > > With current apparmor version in sid (4.1.0~beta5-2) > > > /etc/apparmor.d/usr.lib.libreoffice.program.soffice.bin fails to parse > > > and load. > > > > > > > > > > > > -steps to reproduce: -------------------------- > > > # apparmor_parser -r usr.lib.libreoffice.program.soffice.bin > > > Too many states (113206) for type state_t > > > > Didn't check myself in a sid. But not sure. > > > > > > See the autopkgtest which does test this: > > > > https://ci.debian.net/packages/libr/libreoffice/unstable/amd64/58106098/ > > (the log is > > https://ci.debian.net/data/autopkgtest/unstable/amd64/libr/libreoffice/58106098/log.gz): > [...] > > Doesn't happen in a clean sid vm either. See attached screenshot. > > Regards, > Rene 1. debsums -e shows every standard apparmor.d as OK/clean, 2. same problem with stock kernel (6.12.16-amd64), 3. cannot reproduce in my other SID machine. However, based on the second machine preprocessed profile I was able to pin-point the problem to: --- bad 2025-02-25 14:29:01.752813380 +0100 +++ good 2025-02-25 14:30:37.570399763 +0100 @@ -155,8 +155,7 @@ # The following is a space-separated list of where additional user home # directories are stored, each must have a trailing '/'. Directories added # here are appended to @{HOMEDIRS}. See tunables/home for details. -@{HOMEDIRS}+=/home/dropbox/ - +#@{HOMEDIRS}+= With /home/drobpox added ages ago and actually non-existing. dpkg-reconfigure apparmor -> remove offending entry and everything works fine now. A bit of experimenting: - a valid path outside home -> fine, - a valid path being nested in home -> 108s of processing, - an invalid path not nested in /home -> fine, I can guess now, that having additional "home" nested in the default one might not be a good idea. In other words: 1. from my perspective the problem is solved, 2. having any additional home nested in the default home location causes this very specific profile to fail under current apparmor. Best regards -- Jacek Kawa
