committing changes in /etc after apt run

Package changes:
-bash-completion 1:2.8-1 all
+bash-completion 1:2.8-2 all
-cpp 4:8.2.0-1 amd64
+cpp 4:8.2.0-2 amd64
-debootstrap 1.0.109 all
+debootstrap 1.0.110 all
-distro-info-data 0.38 all
+distro-info-data 0.39 all
-g++ 4:8.2.0-1 amd64
+g++ 4:8.2.0-2 amd64
-gcc 4:8.2.0-1 amd64
+gcc 4:8.2.0-2 amd64
-libmariadbclient18 1:10.1.35-1 amd64
+libmariadbclient18 1:10.1.37-1 amd64
-libnm0 1.14.4-2 amd64
+libnm0 1.14.4-3 amd64
-libsigc++-2.0-0v5 2.10.0-2.1 amd64
+libsigc++-2.0-0v5 2.10.1-1 amd64
-libxapian30 1.4.7-4 amd64
+libxapian30 1.4.9-1 amd64
-man-db 2.8.4-2+b1 amd64
+man-db 2.8.4-3 amd64
-network-manager 1.14.4-2 amd64
+network-manager 1.14.4-3 amd64
-ppp 2.4.7-2+3 amd64
+ppp 2.4.7-2+4 amd64
-python-nacl 1.2.1-3 amd64
+python-nacl 1.3.0-2 amd64
-python-pkg-resources 40.4.3-1 all
+python-pkg-resources 40.5.0-1 all
-python-setuptools 40.4.3-1 all
+python-setuptools 40.5.0-1 all
-python3-nacl 1.2.1-3 amd64
+python3-nacl 1.3.0-2 amd64
-python3-pkg-resources 40.4.3-1 all
+python3-pkg-resources 40.5.0-1 all
-python3-setuptools 40.4.3-1 all
+python3-setuptools 40.5.0-1 all

diff --git a/apparmor.d/usr.bin.man b/apparmor.d/usr.bin.man
index c44ce72416cd05ce6bc3f83c1501dd6cbcf8eeb0..569aec91131e07501cd4f629400de82a72b60b59 100644 (file)
--- a/apparmor.d/usr.bin.man
+++ b/apparmor.d/usr.bin.man
@@ -34,12 +34,14 @@
   # nice in the future, but is tricky since it's quite configurable), but to
   # confine the processes it calls that parse untrusted data.
   /** mrixwlk,
+  unix,
 
   capability setuid,
   capability setgid,
 
-  signal peer=man_groff,
-  signal peer=man_filter,
+  signal peer=@{profile_name},
+  signal peer=/usr/bin/man//&man_groff,
+  signal peer=/usr/bin/man//&man_filter,
 
   # Site-specific additions and overrides.  See local/README for details.
   #include <local/usr.bin.man>
@@ -68,6 +70,8 @@ profile man_groff {
   /usr/share/groff/** r,
 
   signal peer=/usr/bin/man,
+  # @{profile_name} doesn't seem to work here.
+  signal peer=/usr/bin/man//&man_groff,
 }
 
 profile man_filter {
@@ -92,4 +96,6 @@ profile man_filter {
   /** r,
 
   signal peer=/usr/bin/man,
+  # @{profile_name} doesn't seem to work here.
+  signal peer=/usr/bin/man//&man_filter,
 }