[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Pkg-xfce-devel] Bug#747252: Bug#747252: lightdm: AppArmor parser error in /etc/apparmor.d/abstractions/lightdm_chromium-browser

On Tue, 2014 May  6 21:40+0200, Yves-Alexis Perez wrote:
> > 
> > apparmor[12873]: Starting AppArmor profiles:AppArmor parser error
> > for /etc/apparmor.d/lightdm-guest-session in
> > /etc/apparmor.d/abstractions/lightdm_chromium-browser at line 20:
> > syntax error, unexpected TOK_CONDID, expecting TOK_ID or TOK_COLON
> Well, I guess that's related to #736075 and #742829, but I'm not
> fluent enough in apparmor to know how to fix that, so, any help is
> really welcome here.

I'm fairly sure these parsing errors are due to syntax newer than what
Debian's version of AppArmor supports. Ubuntu is using bleeding-edge
releases of the userspace tools, after all, and a heavily patched
kernel to match.

That said, I'm not seeing an error from lightdm_chromium-browser:20 as
Marek has. As he appears to be running sid (whereas I'm running jessie),
and so should have same/newer versions of everything, I've no idea what
may be going on there.

For my part, the errors I was seeing occurred on the following lines in

  # allow processes in the guest session to signal and ptrace each other
  signal peer=@{profile_name},         <--- PARSE ERROR
  ptrace peer=@{profile_name},         <--- PARSE ERROR
  # needed when logging out of the guest session
  signal (receive) peer=unconfined,    <--- PARSE ERROR

I'd figure commenting out these lines should be harmless, not least
since Debian doesn't support lightdm guest sessions yet---and by the
time it does, the parser should be ready for these directives.

Reply to: