[apparmor] [Bug 800826] Re: aa-notify doesn't display certain apparmor events
Launchpad Bug Tracker
800826 at bugs.launchpad.net
Thu Apr 12 16:27:01 UTC 2012
This bug was fixed in the package apparmor - 2.7.102-0ubuntu3
---------------
apparmor (2.7.102-0ubuntu3) precise; urgency=low
[ Jamie Strandboge ]
* debian/patches/0007-ubuntu-manpage-updates.patch: update apparmor(5)
to describe Ubuntu's two-stage policy load and how to add utilize it
when developing policy (LP: #974089)
[ Serge Hallyn ]
* debian/apparmor.init: do nothing in a container. This can be
removed once stacked profiles are supported and used by lxc.
(LP: #978297)
[ Steve Beattie ]
* debian/patches/0008-apparmor-lp963756.patch: Fix permission mapping
for change_profile onexec (LP: #963756)
* debian/patches/0009-apparmor-lp959560-part1.patch,
debian/patches/0010-apparmor-lp959560-part2.patch: Update the parser
to support the 'in' keyword for value lists, and make mount
operations aware of 'in' keyword so they can affect the flags build
list (LP: #959560)
* debian/patches/0011-apparmor-lp872446.patch: fix logprof missing
exec events in complain mode (LP: #872446)
* debian/patches/0012-apparmor-lp978584.patch: allow inet6 access in
dovecot imap-login profile (LP: #978584)
* debian/patches/0013-apparmor-lp800826.patch: fix libapparmor
log parsing library from dropping apparmor network events that
contain ip addresses or ports in them (LP: #800826)
* debian/patches/0014-apparmor-lp979095.patch: document new mount rule
syntax and usage in apparmor.d(5) manpage (LP: #979095)
* debian/patches/0015-apparmor-lp963756.patch: Fix change_onexec
for profiles without attachment specification (LP: #963756,
LP: #978038)
* debian/patches/0016-apparmor-lp968956.patch: Fix protocol error when
loading policy to kernels without compat patches (LP: #968956)
* debian/patches/0017-apparmor-lp979135.patch: Fix change_profile to
grant access to /proc/attr api (LP: #979135)
-- Steve Beattie <sbeattie at ubuntu.com> Thu, 12 Apr 2012 06:17:42 -0500
** Changed in: apparmor (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/800826
Title:
aa-notify doesn't display certain apparmor events
Status in AppArmor Linux application security framework:
Fix Released
Status in “apparmor” package in Ubuntu:
Fix Released
Status in “apparmor” source package in Precise:
Fix Released
Bug description:
This works properly:
[153157.745909] type=1400 audit(1308767024.828:3705): apparmor="DENIED" operation="open" parent=24000 profile="/usr/lib/firefox-5.0/firefox{,*[^s][^h]}" name="/opt/server/photos/100_0243.JPG" pid=24791 comm="plugin-containe" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
This doesn't get displayed at all:
[153073.826757] type=1400 audit(1308766940.698:3704): apparmor="DENIED" operation="sendmsg" parent=24737 profile="/usr/bin/evince-thumbnailer" pid=24743 comm="evince-thumbnai" laddr=192.168.66.150 lport=765 faddr=192.168.66.200 fport=2049 family="inet" sock_type="stream" protocol=6
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: apparmor-notify 2.6.1-0ubuntu3
ProcVersionSignature: Ubuntu 2.6.38-10.44-generic 2.6.38.7
Uname: Linux 2.6.38-10-generic x86_64
Architecture: amd64
Date: Wed Jun 22 14:30:37 2011
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha amd64 (20110302)
PackageArchitecture: all
ProcEnviron:
LANGUAGE=en_CA:en
PATH=(custom, user)
LANG=en_CA.UTF-8
SHELL=/bin/bash
ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-2.6.38-10-generic root=UUID=66b32bb3-1e18-436e-8f6e-62b8419ed48d ro quiet splash vt.handoff=7
ProcVersionSignature_: Ubuntu 2.6.38-10.44-generic 2.6.38.7
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/800826/+subscriptions
More information about the AppArmor
mailing list