Page MenuHomePhabricator

fix tor-controlport-filter AppArmor profile
Closed, ResolvedPublic

Description

Since we ported to tor-controlport-filter it needs to be renamed and fixed.

https://github.com/Whonix/control-port-filter-python/blob/master/etc/apparmor.d/usr.sbin.cpfpd

Details

Impact
Normal

Event Timeline

Patrick created this task.Dec 24 2016, 7:53 PM

Changes to the security profile
https://github.com/joysn/control-port-filter-python/blob/master/etc/apparmor.d/usr.lib.tor-controlport-filter
https://github.com/joysn/control-port-filter-python/commit/34070b35c91b7262697dbefec3944b496d0da18d#diff-3aea4b328b5988f1301b6b1ad4d79359

The changes done in this merge should be harmless (more of a grep and replace), the obvious ones. Tested and nothing broke with these changes.
More changes (stricter profile) may be required after more testing.

Patrick closed this task as Resolved.Jan 12 2017, 10:38 PM

Nice! Tested and merged.

Btw, please also consider...

sudo apt-get install apparmor-notify

and/or

grep -i denied /var/log/syslog