security-misc `/usr/share/pam-configs/permission-lockdown-security-mi…

…sc` is no longer required, removed.

Thereby fix apparmor issue.

> Dec 08 09:47:50 host audit[3232]: AVC apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=3232 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
> Dec 08 09:47:50 host sudo[3232]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied

It is no longer required, because...

existing linux user accounts:

* Get permission lock down because security-misc `debian/security-misc.postinst` calls `/usr/lib/security-misc/permission-lockdown`.

new linux user accounts (created at first boot):

* security-misc `/usr/share/pam-configs/mkhomedir-security-misc` pam mkhomedir sets secure permissions using `umask=027`.

debian/control

@@ -212,14 +212,15 @@ Description: enhances misc security settings
  Removes read, write and execute access for others for all users who have
  home folders under folder /home by running for example
  "chmod o-rwx /home/user"
- during package installation, upgrade or pam. This will be done only once per
+ during package installation, upgrade or pam mkhomedir. This will be done only
+ once per
  folder in folder /home so users who wish to relax file permissions are free to
  do so. This is to protect previously created files in user home folder which
  were previously created with lax file permissions prior installation of this
  package.
  debian/security-misc.postinst
- /usr/share/pam-configs/permission-lockdown-security-misc
  /usr/lib/security-misc/permission-lockdown
+ /usr/share/pam-configs/mkhomedir-security-misc
  .
  access rights relaxations:
  .

usr/share/pam-configs/mkhomedir-security-misc

@@ -4,4 +4,4 @@ Priority: 100
 Session-Type: Additional
 Session-Interactive-Only: yes
 Session:
-	optional	pam_mkhomedir.so
+	optional	pam_mkhomedir.so umask=027