[apparmor] [patch] Add change_onexec log example to test_multi

Christian Boltz apparmor at cboltz.de
Fri Dec 9 22:19:54 UTC 2016 

Hello,

$subject.

Found in https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1648143 comment 1


[ test_multi-change_onexec.diff ]

=== added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.err'
=== added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in'
--- libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in       1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in       2016-12-09 21:51:31 +0000
@@ -0,0 +1,1 @@
+[103975.623545] audit: type=1400 audit(1481284511.494:2807): apparmor="DENIED" operation="change_onexec" info="no new privs" error=-1 namespace="root//lxd-tor_<var-lib-lxd>" profile="unconfined" name="system_tor" pid=18593 comm="(tor)" target="system_tor"

=== added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out'
--- libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out      1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out      2016-12-09 21:56:43 +0000
@@ -0,0 +1,15 @@
+START
+File: change_onexec_lp1648143.in
+Event type: AA_RECORD_DENIED
+Audit ID: 1481284511.494:2807
+Operation: change_onexec
+Profile: unconfined
+Name: system_tor
+Command: (tor)
+Name2: system_tor
+Namespace: root//lxd-tor_<var-lib-lxd>
+Info: no new privs
+ErrorCode: 1
+PID: 18593
+Epoch: 1481284511
+Audit subid: 2807

=== added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile'
--- libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile  1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile  2016-12-09 22:12:12 +0000
@@ -0,0 +1,2 @@
+profile unconfined {
+}



Regards,

Christian Boltz
-- 
> Das sehe ich anders. Ein Mailserver sollte eine Message id nur
> einmal verwenden. [...]
Stimmt schon, aber wie heisst es so schön "Der klügere gibt nach"
(und das ist fast nie der Exchange)
[Sven Pastorik und Ralf Hildebrandt in postfix-users]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161209/34580d4d/attachment.pgp>

More information about the AppArmor mailing list