[apparmor] [Bug 652674] Re: logprof doesn't handle log messages without denied or requested masks correctly

Ubuntu QA's Bug Bot bug-stats at murraytwins.com
Mon Sep 19 21:31:40 UTC 2011 

** Tags added: testcase

-- 
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/652674

Title:
  logprof doesn't handle log messages without denied or requested masks
  correctly

Status in AppArmor Linux application security framework:
  Fix Released
Status in AppArmor 2.5 series:
  Fix Released
Status in “apparmor” package in Ubuntu:
  Fix Released
Status in “apparmor” source package in Lucid:
  Fix Released
Status in “apparmor” source package in Maverick:
  Fix Released
Status in “apparmor” source package in Natty:
  Fix Released

Bug description:
  SRU

  1. when loading, unloading and replacing policy, AppArmor leaves a
  message in kern.log. When aa-logprof encounters this, it will spew
  many confusing warning messages.

  2. The bug has not been addressed in the development branch (natty is
  not open yet)

  3. Patch is from r1440 of 2.5 branch (linked to this bug)

  4. TEST CASE:
  $ echo 'Oct 14 07:14:13 bug652674 kernel: [ 5.429706] type=1400 audit(1287058453.835:9): apparmor="STATUS" operation="profile_load" name="/usr/share/gdm/guest-session/Xsession" pid=1201 comm="apparmor_parser"' > /tmp/log
  $ sudo aa-logprof -f /tmp/log # may be prompted to enable the repository. Choose 'Ask later'

  5. The regression potential is considered low. The fix does not affect
  the boot or shutdown process.

  
  Binary package hint: apparmor

  When aa-logprof runs into log messages that don't have denied or
  requested masks, like the following status message, it ends up trying
  to perform a string operation on an undefined variable which causes
  warnings to be printed to the console.

      [    9.633452] type=1400 audit(1285899118.285:5):
  apparmor="STATUS" operation="profile_replace" name="/sbin/dhclient3"
  pid=912 comm="apparmor_parser"

  I'm attaching a patch to fix this.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.10
  Package: apparmor 2.5.1~rc1-0ubuntu2
  ProcVersionSignature: Ubuntu 2.6.35-22.33-generic 2.6.35.4
  Uname: Linux 2.6.35-22-generic x86_64
  NonfreeKernelModules: nvidia
  Architecture: amd64
  Date: Thu Sep 30 21:16:25 2010
  InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release Candidate amd64 (20100928)
  ProcEnviron:
   PATH=(custom, user)
   LANG=en_US.utf8
   SHELL=/bin/bash
  SourcePackage: apparmor

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/652674/+subscriptions

More information about the AppArmor mailing list