[apparmor] [profile] usr.sbin.userdel: two commands not found in Ubuntu; the same rules used twice.

daniel curtis sidetripping at gmail.com
Sun Jul 16 09:57:08 UTC 2017


Hello

Today I noticed that the 'usr.sbin.userdel' profile, found in the
/usr/share/doc/apparmor-profiles/extras/ folder, seems to be not very
"compatible" with *ubuntu (in this case, the 16.04 LTS release). Now I'll
explain what I mean.

The 'usr.sbin.userdel' profile contains two rules related to userdel(8), which
is a low-level utility for removing users etc., right? However, these
rules/commands do not exist in the *ubuntu distributions. These are:

✗ /usr/sbin/userdel-post.local
✗ /usr/sbin/userdel-pre.local

While searching for additional information about these commands, it
turned out that they are part of the shadow package (for example, version
4.2.1-4.1), but on the OpenSUSE distribution.

I wanted to be one hundred percent sure, so I looked for both
commands on my 16.04 LTS install, but it led to a "No such file or
directory" result.

As for "/usr/sbin/userdel-post.local": this command is run after
removing a user. On the other hand, "/usr/sbin/userdel-pre.local" is run
before removing a user. But this is probably not important information,
right?

I think that both commands should be removed from the profile shipped with
the Ubuntu AppArmor package. But that is just my personal opinion. Nothing
more, nothing less.

Now, the second issue: I've also noticed two identical rules/commands
used in the 'usr.sbin.userdel' profile. These are:

44. /usr/sbin/userdel rmix,
(...)
47. /usr/sbin/userdel rmix,

These numbers indicate the places in which these rules occur, of
course in the default profile from the /usr/share/doc/apparmor-profiles/extras/
folder. I think one of those rules should or could be removed from the
profile.

Anyway, I think the patch will be very small ;-) But what are your opinions?
What do all of you think about these issues?

I'm sorry for writing about these things. After all, they are not something
big or important, right? I simply noticed this while auditing AppArmor
profiles etc.

Thanks, best regards.
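
The two checks described in this message (a rule that appears twice, and rules naming executables that are absent from the installed system) can be scripted. The following is an added example, not part of the original post or of the AppArmor project's code; the sample profile is constructed, the permissions on the two `.local` rules are assumed, and the file is treated as a single profile block.

```python
import os
import re

# File rule: optional qualifiers, an absolute path, a permission string, a trailing comma.
RULE = re.compile(r'^(?:(?:audit|deny|owner)\s+)*(/\S*)\s+([a-zA-Z]+),$')
GLOB_CHARS = set('*?[]{}@')  # globs and @{variables} cannot be checked on disk

def audit_profile(text, exists=os.path.exists):
    """Return (duplicates, missing) for the file rules in a profile.

    duplicates: {rule text: [line numbers]} for rules written more than once
    missing:    [(line number, path)] for literal exec-permitted paths not on disk
    """
    seen, missing = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        # Drop comments (this also skips '#include' lines) and normalise spacing.
        line = ' '.join(raw.split('#', 1)[0].split())
        m = RULE.match(line)
        if not m:
            continue
        path, perms = m.groups()
        seen.setdefault(line, []).append(lineno)
        # Only rules granting execute (ix, Px, Ux, ...) name a command to look for.
        if 'x' in perms.lower() and not GLOB_CHARS & set(path) and not exists(path):
            missing.append((lineno, path))
    duplicates = {rule: nums for rule, nums in seen.items() if len(nums) > 1}
    return duplicates, missing

# Constructed sample, not the shipped profile; only the userdel paths come from the post.
SAMPLE = """\
#include <tunables/global>
/usr/sbin/userdel {
  #include <abstractions/base>
  /etc/passwd rw,
  /usr/sbin/userdel rmix,
  /usr/sbin/userdel-pre.local rmix,
  /usr/sbin/userdel-post.local rmix,
  /usr/sbin/userdel rmix,
  /var/spool/mail/* rw,
}
"""

if __name__ == "__main__":
    dups, gone = audit_profile(SAMPLE)  # uses the real filesystem
    for rule, nums in dups.items():
        print(f"duplicate rule on lines {nums}: {rule}")
    for lineno, path in gone:
        print(f"line {lineno}: {path} not found on this system")
```
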