device-hook apparmor fixes (LP: #1868363)

Christian Ehrhardtrequested to merge
paelzer-guest/pkg-gpsd:device-hook-apparmor-fixes into master

The manpage defines a hook that is called by gpsd which due to current confinement it is unable to run.

  • d/usr.sbin.gpsd: allow to call the /etc/gpsd/device-hook in the apparmor profile
  • d/usr.sbin.gpsd: allow to map and execute the own binary as needed in some containers
  • d/usr.sbin.gpsd: allow to run common shell interpreters bash/dash

That hook will run within the confinement of gpsd, so if it is expected to do anything more special a user will have to allow that in /etc/apparmor.d/local/usr.sbin.gpsd

Merge request reports