# vim:syntax=apparmor
# AppArmor policy for swtpm
# Author: Lena Voytek <lena.voytek@canonical.com>
-# Last Modified: Fri Feb 18 10:23:53 2022
+# Last Modified: Tue Oct 11 10:53:05 2022
#include <tunables/global>
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.bin.swtpm>
+ capability chown,
capability dac_override,
+ capability dac_read_search,
+ capability fowner,
+ capability fsetid,
+ capability setgid,
+ capability setuid,
network inet stream,
network inet6 stream,
/usr/bin/swtpm rm,
- owner /tmp/** rwk,
+ /tmp/** rwk,
+ owner @{HOME}/** rwk,
owner /var/lib/libvirt/swtpm/** rwk,
/run/libvirt/qemu/swtpm/*.sock rwk,
owner /var/log/swtpm/libvirt/qemu/*.log rwk,
owner /run/libvirt/qemu/swtpm/*.pid rwk,
owner /dev/vtpmx rw,
+ owner /etc/nsswitch.conf r,
owner /var/lib/swtpm/** rwk,
owner /run/swtpm/sock rw,
}
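Review bot: Dropping the `owner` qualifier from the `/tmp/** rwk` rule lets the confined process read, write and lock every file under /tmp regardless of which user created it, and combined with the newly granted `dac_override`, `dac_read_search`, `fowner`, `fsetid`, `chown`, `setuid` and `setgid` capabilities this turns a tightly scoped profile into one that can reach and re-own almost any file it can path to. If the rule was widened because swtpm now starts as root and switches to a service user (the `setuid`/`setgid` additions suggest this, but the hunk does not say), its own files are still its own, so `owner /tmp/** rwk` should stay, or be narrowed to the subtree swtpm actually uses (`owner /tmp/<swtpm-dir>/** rwk` — placeholder, confirm the real path); the same reasoning applies to the new `owner @{HOME}/** rwk`, which grants write and lock across the whole home directory. Each added `capability` line should carry a one-line comment naming the operation that needs it, e.g. `# chown/fowner/fsetid: re-own the state directory when started as root before dropping privileges`, so later reviewers can prune them instead of treating them as boilerplate. Note that `owner /etc/nsswitch.conf r` only matches while the process's uid equals the file's owner, so on a root-owned nsswitch.conf the read is denied after any privilege drop; plain `/etc/nsswitch.conf r` or `#include <abstractions/nameservice>` is the usual form. The profile's opening line and any `#include <abstractions/...>` rules are not in the hunk, so I cannot tell whether other rules changed.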