[apparmor] [patch] honor 'chmod' events in logparser.py / aa-logprof
Seth Arnold
seth.arnold at canonical.com
Mon Mar 30 18:56:47 UTC 2015
On Sun, Mar 29, 2015 at 07:30:06PM +0200, Christian Boltz wrote:
> Hello,
>
> aa-logprof doesn't ask anything for
>
> type=AVC msg=audit(1427633461.202:281): apparmor="DENIED" operation="chmod" profile="/usr/lib64/firefox/plugin-container" name="/home/cb/.config/ibus/bus/" pid=7779 comm="plugin-containe" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
>
> This patch fixes this by adding 'chmod' to the list of file operation
> types in logparser.py.
>
> I propose this patch for trunk and 2.9.
Acked-by: Seth Arnold <seth.arnold at canonical.com>
for both trunk and 2.9. Thanks.
>
> [ 28-logparser-honor-chmod-events.diff ]
>
> === modified file utils/apparmor/logparser.py
> --- utils/apparmor/logparser.py 2015-03-13 22:52:13.776256000 +0100
> +++ utils/apparmor/logparser.py 2015-03-29 19:16:07.585798594 +0200
> @@ -264,7 +264,7 @@
> self.debug_logger.debug('add_event_to_tree: dropped exec event in %s' % e['profile'])
>
> elif ( e['operation'].startswith('file_') or
> - e['operation'] in ['open', 'truncate', 'mkdir', 'mknod', 'rename_src',
> + e['operation'] in ['open', 'truncate', 'mkdir', 'mknod', 'chmod', 'rename_src',
> 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link',
> 'sysctl', 'getattr', 'setattr', 'xattr'] ):
> #print(e['operation'], e['name'])
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150330/e037cdad/attachment.pgp>
More information about the AppArmor
mailing list