Package: geoclue-2.0 Version: 2.7.2-2 Severity: normal Dear Maintainer,
The profile at /etc/apparmor.d/usr.libexec.geoclue shipped with trixie results in the service failing to start, there are errors: ``` kernel: audit: type=1400 audit(1753168291.299:1301): apparmor="DENIED" operation="connect" class="file" profile="/usr/libexec/geoclue" name="/run/dbus/system_bus_socket" pid=53660 comm="pool-0" requested_mask="wr" denied_mask="wr" fsuid=118 ouid=0 ``` Using the latest version at the `ubuntu/devel` branch at https://code.launchpad.net/ubuntu/+source/geoclue-2.0 fixes the issue after restarting the services. The file should be attached bellow. -- System Information: Debian Release: 13.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing-debug'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.14.8-2-pve (SMP w/24 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages geoclue-2.0 depends on: ii adduser 3.152 ii libavahi-client3 0.8-16 ii libavahi-common3 0.8-16 ii libavahi-glib1 0.8-16 ii libc6 2.41-11 ii libglib2.0-0t64 2.84.3-1 ii libjson-glib-1.0-0 1.10.6+ds-2 ii libmm-glib0 1.24.0-1 ii libnotify4 0.8.6-1 ii libsoup-3.0-0 3.6.5-3 Versions of packages geoclue-2.0 recommends: ii avahi-daemon 0.8-16 ii iio-sensor-proxy 3.7-3 pn modemmanager <none> ii wpasupplicant 2:2.10-24 geoclue-2.0 suggests no packages. -- Configuration Files: /etc/apparmor.d/usr.libexec.geoclue changed: abi <abi/3.0>, include <tunables/global> /usr/libexec/geoclue flags=(attach_disconnected) { include <abstractions/base> include <abstractions/dbus-strict> include <abstractions/gnome> include <abstractions/nameservice> /etc/geoclue/geoclue.conf r, /etc/geoclue/conf.d/ r, /etc/geoclue/conf.d/*.conf r, /etc/geolocation r, /proc/sys/net/ipv6/conf/all/disable_ipv6 r, /proc/*/cgroup r, /usr/libexec/geoclue mr, # own dbus name dbus bind bus=system name=org.freedesktop.GeoClue2, dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={RequestName,ReleaseName} peer=(name=org.freedesktop.DBus), # register objects dbus (send receive) bus=system path=/org/freedesktop/GeoClue2{,/**} interface={org.freedesktop.GeoClue2{,.*},org.freedesktop.DBus.*}, # auth dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={GetConnectionUnixUser,GetConnectionUnixProcessID} peer=(name=org.freedesktop.DBus), # use Avahi dbus send bus=system path=/ interface=org.freedesktop.DBus.Peer member=Ping peer=(name=org.freedesktop.Avahi), dbus send bus=system path=/ interface=org.freedesktop.Avahi.Server peer=(name=org.freedesktop.Avahi), dbus (send receive) bus=system path=/Client[0-9]*/ServiceBrowser[0-9]* interface=org.freedesktop.Avahi.ServiceBrowser, # use wpa_supplicant dbus (send receive) bus=system path=/fi/w1/wpa_supplicant1{,/**} interface={fi.w1.wpa_supplicant1{,.*},org.freedesktop.DBus.Properties}, dbus receive bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager member=InterfacesRemoved, # use ModemManager dbus send bus=system path=/org/freedesktop/ModemManager1 interface={org.freedesktop.DBus.ObjectManager,org.freedesktop.DBus.Properties}, # use NetworkManager dbus send bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects, dbus (send receive) bus=system path=/org/freedesktop/NetworkManager{,/**} interface={org.freedesktop.NetworkManager{,.*},org.freedesktop.DBus.Properties}, # Site-specific additions and overrides. See local/README for details. #include if exists <local/usr.libexec.geoclue> } -- no debconf information
