Revert "Move apparmor-info, apparmor-watch to security-misc, enable systemd-journald audit transport"

This reverts commit d1e148eba7.
2025-11-27 04:16:55 -05:00 · 2025-10-31 10:24:31 -04:00 · 2025-10-31 10:24:31 -04:00 · aae472d9cf
commit aae472d9cf
parent 3b2092ee76
9 changed files with 0 additions and 164 deletions
--- a/auto-generated-man-pages/apparmor-info.8
+++ b/auto-generated-man-pages/apparmor-info.8
@ -1,25 +0,0 @@
 .\" generated with Ronn-NG/v0.10.1
 .\" http://github.com/apjanke/ronn-ng/tree/0.10.1
 .TH "APPARMOR\-INFO" "8" "January 2020" "security-misc" "security-misc Manual"
 .SH "NAME"
 \fBapparmor\-info\fR \- Shows AppArmor DENIED Log Messages
 .SH "SYNOPSIS"
 \fBapparmor\-info\fR
 .SH "DESCRIPTION"
 Shows AppArmor DENIED log messages\.
 .P
 If there are no DENIED log messages, outputs nothing\.
 .SH "RETURN VALUES"
 .IP "\(bu" 4
 \fB0\fR No DENIED messages found, OK\.
 .IP "\(bu" 4
 \fB1\fR DENIED messages found\.
 .IP "" 0
 .SH "EXAMPLE"
 \fBsudo apparmor\-info ; echo $?\fR
 .P
 \fB0\fR
 .P
 No output from \fBapparmor\-info\fR with exit code \fB0\fR\. Meaning, no \fBDENIED\fR messages found, OK\.
 .SH "AUTHOR"
 This man page has been written by Patrick Schleizer (adrelanos@whonix\.org)\.
--- a/auto-generated-man-pages/apparmor-watch.8
+++ b/auto-generated-man-pages/apparmor-watch.8
@ -1,13 +0,0 @@
 .\" generated with Ronn-NG/v0.10.1
 .\" http://github.com/apjanke/ronn-ng/tree/0.10.1
 .TH "APPARMOR\-WATCH" "8" "January 2020" "security-misc" "security-misc Manual"
 .SH "NAME"
 \fBapparmor\-watch\fR \- Watch AppArmor DENIED and ALLOWED Log Messages
 .SH "SYNOPSIS"
 \fBapparmor\-watch\fR
 .SH "DESCRIPTION"
 Watches for AppArmor \fBDENIED\fR and \fBALLOWED\fR log messages\.
 .SH "EXAMPLE"
 \fBsudo apparmor\-watch\fR
 .SH "AUTHOR"
 This man page has been written by Patrick Schleizer (adrelanos@whonix\.org)\.
--- a/debian/rules
+++ b/debian/rules
@ -8,10 +8,5 @@
 %:
 	dh $@ --with=config-package
 override_dh_installman:
 	mkdir --parents -- debian/security-misc-shared/usr/share/man/man8
 	gzip -c -9 -- auto-generated-man-pages/apparmor-info.8 > debian/security-misc-shared/usr/share/man/man8/apparmor-info.8.gz
 	gzip -c -9 -- auto-generated-man-pages/apparmor-watch.8 > debian/security-misc-shared/usr/share/man/man8/apparmor-watch.8.gz
 override_dh_installchangelogs:
 	dh_installchangelogs changelog.upstream upstream
--- a/debian/security-misc-shared.install
+++ b/debian/security-misc-shared.install
@ -118,8 +118,6 @@ usr/lib/sysctl.d/30_silent-kernel-printk.conf#security-misc-shared => /usr/lib/s
 usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared => /usr/lib/sysctl.d/990-security-misc.conf
 usr/lib/sysctl.d/30_security-misc_kexec-disable.conf#security-misc-shared => /usr/lib/sysctl.d/30_security-misc_kexec-disable.conf
 usr/lib/sysctl.d/30_security-misc_ptrace-disable.conf#security-misc-shared => /usr/lib/sysctl.d/30_security-misc_ptrace-disable.conf
 usr/sbin/apparmor-info#security-misc-shared => /usr/sbin/apparmor-info
 usr/sbin/apparmor-watch#security-misc-shared => /usr/sbin/apparmor-watch
 usr/share/glib-2.0/schemas/30_security-misc.gschema.override#security-misc-shared => /usr/share/glib-2.0/schemas/30_security-misc.gschema.override
 usr/share/doc/security-misc/fstab-vm#security-misc-shared => /usr/share/doc/security-misc/fstab-vm
 usr/share/pam-configs/faillock-preauth-security-misc#security-misc-shared => /usr/share/pam-configs/faillock-preauth-security-misc
--- a/debian/security-misc-shared.postinst
+++ b/debian/security-misc-shared.postinst
@ -103,9 +103,6 @@ case "$1" in
            chmod 0600 "${usbguard_config_file}"
          fi
        done
        ## Enable systemd-journald audit transport
        deb-systemd-helper enable systemd-journald-audit.socket
    ;;
    abort-upgrade|abort-remove|abort-deconfigure)
--- a/man/apparmor-info.8.ronn
+++ b/man/apparmor-info.8.ronn
@ -1,34 +0,0 @@
 apparmor-info(8) -- Shows AppArmor DENIED Log Messages
 =============================================
 <!--
 # Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 # See the file COPYING for copying conditions.
 -->
 ## SYNOPSIS
 `apparmor-info`
 ## DESCRIPTION
 Shows AppArmor DENIED log messages.
 If there are no DENIED log messages, outputs nothing.
 ## RETURN VALUES
 * `0` No DENIED messages found, OK.
 * `1` DENIED messages found.
 ## EXAMPLE
 `sudo apparmor-info ; echo $?`
 `0`
 No output from `apparmor-info` with exit code `0`.
 Meaning, no `DENIED` messages found, OK.
 ## AUTHOR
 This man page has been written by Patrick Schleizer (adrelanos@whonix.org).
--- a/man/apparmor-watch.8.ronn
+++ b/man/apparmor-watch.8.ronn
@ -1,23 +0,0 @@
 apparmor-watch(8) -- Watch AppArmor DENIED and ALLOWED Log Messages
 =============================================
 <!--
 # Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 # See the file COPYING for copying conditions.
 -->
 ## SYNOPSIS
 `apparmor-watch`
 ## DESCRIPTION
 Watches for AppArmor `DENIED` and `ALLOWED` log messages.
 ## EXAMPLE
 `sudo apparmor-watch`
 ## AUTHOR
 This man page has been written by Patrick Schleizer (adrelanos@whonix.org).
--- a/usr/sbin/apparmor-info#security-misc-shared
+++ b/usr/sbin/apparmor-info#security-misc-shared
@ -1,35 +0,0 @@
 #!/bin/bash
 ## Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.
 ## https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/22
 ## Not using sudo hardcoded below.
 ## https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/29
 if [ "$(id -u)" != "0" ]; then
   echo "ERROR: Must run as root." >&2
   echo "sudo $0" >&2
   exit 112
 fi
 ## Default.
 exit_code=0
 ## Parses AppArmor denial logs to hide unnecessary information and remove duplicates.
 output_denied="$(journalctl _TRANSPORT=audit --output cat "${@}" | grep "DENIED" | sed -e 's/pid=.* comm/comm/g' | sed -e 's/ fsuid.*//g' | awk '!x[$0]++')"
 if [ ! "$output_denied" = "" ]; then
   exit_code=1
   echo "$output_denied"
 fi
 output_allowed="$(journalctl _TRANSPORT=audit --output cat "${@}" | grep "ALLOWED" | sed -e 's/pid=.* comm/comm/g' | sed -e 's/ fsuid.*//g' | awk '!x[$0]++')"
 if [ ! "$output_allowed" = "" ]; then
   exit_code=1
   echo "$output_allowed"
 fi
 exit "$exit_code"
--- a/usr/sbin/apparmor-watch#security-misc-shared
+++ b/usr/sbin/apparmor-watch#security-misc-shared
@ -1,24 +0,0 @@
 #!/bin/bash
 ## Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.
 ## https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/22
 ## Not using sudo hardcoded below.
 ## https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/29
 if [ "$(id -u)" != "0" ]; then
   echo "ERROR: Must run as root." >&2
   echo "sudo $0" >&2
   exit 112
 fi
 while read -r -d $'\n' line; do
   line=$(echo "$line" | grep "ALLOWED\|DENIED")
   line=$(echo "$line" | sed -e 's/pid=.* comm/comm/g')
   line=$(echo "$line" | sed -e 's/ fsuid.*//g')
   if [ "$line" = "" ]; then
      continue
   fi
   echo "$line"
 done < <( journalctl _TRANSPORT=audit --follow --lines=0 --output cat "${@}" )