security-misc/usr/share/pam-configs
Patrick Schleizer c192644ee3
security-misc /usr/share/pam-configs/permission-lockdown-security-misc is no longer required, removed.
Thereby fix apparmor issue.

> Dec 08 09:47:50 host audit[3232]: AVC apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=3232 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
> Dec 08 09:47:50 host sudo[3232]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied

It is no longer required, because...

existing linux user accounts:

* Get permission lock down because security-misc `debian/security-misc.postinst` calls `/usr/lib/security-misc/permission-lockdown`.

new linux user accounts (created at first boot):

* security-misc `/usr/share/pam-configs/mkhomedir-security-misc` pam mkhomedir sets secure permissions using `umask=027`.
2019-12-08 05:21:35 -05:00
..
console-lockdown-security-misc pam description 2019-12-08 02:10:43 -05:00
mkhomedir-security-misc security-misc /usr/share/pam-configs/permission-lockdown-security-misc is no longer required, removed. 2019-12-08 05:21:35 -05:00
pam-abort-on-locked-password-security-misc PAM: abort on locked password 2019-08-17 10:33:47 +00:00
tally2-security-misc higher priority usr/share/pam-configs/tally2-security-misc 2019-12-08 03:15:53 -05:00
wheel-security-misc PAM: abort on locked password 2019-08-17 10:33:47 +00:00