[apparmor] [patch] honor 'chmod' events in logparser.py / aa-logprof
Christian Boltz
apparmor at cboltz.de
Sun Mar 29 17:30:06 UTC 2015
Hello,
aa-logprof doesn't ask anything for
type=AVC msg=audit(1427633461.202:281): apparmor="DENIED" operation="chmod" profile="/usr/lib64/firefox/plugin-container" name="/home/cb/.config/ibus/bus/" pid=7779 comm="plugin-containe" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
This patch fixes this by adding 'chmod' to the list of file operation
types in logparser.py.
I propose this patch for trunk and 2.9.
[ 28-logparser-honor-chmod-events.diff ]
=== modified file utils/apparmor/logparser.py
--- utils/apparmor/logparser.py 2015-03-13 22:52:13.776256000 +0100
+++ utils/apparmor/logparser.py 2015-03-29 19:16:07.585798594 +0200
@@ -264,7 +264,7 @@
self.debug_logger.debug('add_event_to_tree: dropped exec event in %s' % e['profile'])
elif ( e['operation'].startswith('file_') or
- e['operation'] in ['open', 'truncate', 'mkdir', 'mknod', 'rename_src',
+ e['operation'] in ['open', 'truncate', 'mkdir', 'mknod', 'chmod', 'rename_src',
'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link',
'sysctl', 'getattr', 'setattr', 'xattr'] ):
#print(e['operation'], e['name'])
Regards,
Christian Boltz
--
12.2 will be released also in 2013 and not 2011 (which would save
us all some work, but violation of linear time is currently not an
option ;) [Marcus Meissner in opensuse-announce]
More information about the AppArmor
mailing list