This pages provides information on reporting bugs against packages related to AppArmor or packages that ship AppArmor profiles.
Contents
Diagnose
Please follow the debug steps to know if your bug might have been caused by AppArmor
If you think a bug is really caused by a malfunctioning AppArmor profile, read on.
Provide logs and inspect AppArmor's state on the system
Provide the log lines containing DENIED:
# from the systemd journal sudo journalctl -kaf --no-hostname | grep -w 'apparmor="DENIED"' # if systemd-journald is not running sudo tail -f /var/log/auditd/auditd.log /var/log/syslog | grep -w 'apparmor="DENIED"'
Usertags
If you think you've found a bug in an AppArmor profile provided either by apparmor-profiles-extra or a Debian package which ships its own profile, you should report a bug against one of these packages.
However as the Debian Bug Tracking System is package-centric, only the package maintainers will be automatically made aware of your bug report. That is why we kindly ask you to add a usertag to your bug report, so that the Debian AppArmor Packaging Team is notified as well. Then we can help you check if AppArmor is involved, and to fix the bug if that's the case.
See all usertags for user pkg-apparmor-team AT lists.alioth.debian.org.
We have agreed to use certain tags. Please tag with the user pkg-apparmor-team@lists.alioth.debian.org and use the following tags:
use the tag help-needed, to request help for initial diagnosis
use the tag buggy-profile if AppArmor has been identified as culprit
use the tag merge-to-upstream if an AppArmor profile has been modified for Debian and changes should be merged back upstream
use the tag modify-profile if a package maintainer should modify an already shipped profile. This implies that changes should be merged upstream and into the Debian package.
use the tag merge-from-upstream if you want to request an update to a shipped AppArmor profile to include upstream improvements
use the tag new-profile if you want to request that a new profile is included, or if you work on this new profile and try to get it merged upstream
use the tag platform if you encounter problems with AppArmor support in any related tool (systemd, auditd, syslog, etc.)
If you see the need for another tag not listed here, please contact us.
Quick how to usertag a bug
By email
Basically, you would send an email to control@bugs.debian.org with the following content:
user pkg-apparmor-team@lists.alioth.debian.org usertags #123456 + merge-to-upstream thanks
where "123456" is your bug number, and "merge-to-upstream" the tag you want to add to the bug.
There can be multiple lines with different usertags in such an email.
Delete a usertag like this:
user pkg-apparmor-team@lists.alioth.debian.org usertags #123456 - merge-to-upstream thanks
This would delete the tag "merge-to-upstream" on bug number #123456
Using the CLI
The bts command is provided by the devscripts package.
bts user pkg-apparmor-team@lists.alioth.debian.org . usertags #123456 + merge-to-upstream
where "123456" is your bug number, and "merge-to-upstream" the tag you want to add to the bug.
Bugs related to AppArmor
Bugs in the packages we maintain
Bugs in the apparmor package.
Usertagged bugs