AppArmor regex in `common_steps.rb` soon to become obsolete
Commit 8c4b785 in the mainline Linux kernel, "apparmor: add mediation class information to auditing", introduced a new field - the mediation class - to the audit kernel logs starting from v6.2. Due to this change, the AppArmor regex in the step definition When /^AppArmor has (not )?denied "([^"]+)" from opening "([^"]+)"$/
will soon become obsolete (bookworm-backports and testing are both on v6.6, and unstable is on v6.7).
One possible fix maintaining backwards compatibility is
- 'apparmor="DENIED" operation="open" profile="%<profile>s" name="%<file>s"',
+ 'apparmor="DENIED" operation="open" \(class="[a-zA-Z]*" \)\?profile="%<profile>s" name="%<file>s"',
In Tails tests, the new class
field only takes on the value "file"
currently, but this may change in the future and I doubt defining a new step variable would be of much use.