[apparmor] [PATCH 2/3] Fix permission mapping for change_profile onexec
John Johansen
john.johansen at canonical.com
Thu Mar 22 20:11:44 UTC 2012
On 03/22/2012 12:46 PM, Steve Beattie wrote:
> On Thu, Mar 22, 2012 at 11:44:54AM -0700, John Johansen wrote:
>> The kernel has an extended test for change_profile when used with
>> onexec, that allows it to only work against set executables.
>>
>> The parser is not correctly mapping change_profile for this test
>> update the mapping so change_onexec will work when confined.
>>
>> Note: the parser does not currently support the extended syntax
>> that the kernel test allows for, this just enables it to work
>> for the generic case.
>
> With this change, there are about 18 failures in the parser testsuite.
> Do you know what's going wrong there?
>
yeah sorry it didn't get refreshed, new patch will be incoming soon
once they go through parser and regression tests
More information about the AppArmor
mailing list