[apparmor] Bluetooth raw socket?

John Johansen john.johansen at canonical.com
Wed Jan 9 01:21:34 UTC 2013

On 01/08/2013 04:58 PM, Aaron Lewis wrote:
> Hi,
> Looks like raw socket itself doesn't include bluetooth socket,
>       capability net_raw,
>       network packet raw,
hrmm, I would need to check the kernel code but I think bluetooth
does check capability net_raw. That would mean apparmor would
require it as well but it is only part of what is needed to grant
permission to the bluetooth raw socket.

you will also need
  network bluetooth,

  network bluetooth raw,

> And I got log:
> [ 3860.636975] type=1400 audit(1357692729.070:203): apparmor="DENIED"
> operation="create" parent=17667 profile="/usr/bin/wireshark" pid=17677
> comm="dumpcap" family="bluetooth" sock_type="raw" protocol=1
> Wireshark doesn't run dumpcap ..
> Thanks!

More information about the AppArmor mailing list