[apparmor] [patch] Add change_onexec log example to test_multi

Fri Dec 9 22:37:30 UTC 2016

On 12/09/2016 02:19 PM, Christian Boltz wrote:
> Hello,
> 
> $subject.
> 
> Found in https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1648143 comment 1
> 

/me likes more tests

Acked-by: John Johansen <john.johansen at canonical.com>

for 2.9, 2.10, head

> 
> [ test_multi-change_onexec.diff ]
> 
> === added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.err'
> === added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in'
> --- libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in       1970-01-01 00:00:00 +0000
> +++ libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in       2016-12-09 21:51:31 +0000
> @@ -0,0 +1,1 @@
> +[103975.623545] audit: type=1400 audit(1481284511.494:2807): apparmor="DENIED" operation="change_onexec" info="no new privs" error=-1 namespace="root//lxd-tor_<var-lib-lxd>" profile="unconfined" name="system_tor" pid=18593 comm="(tor)" target="system_tor"
> 
> === added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out'
> --- libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out      1970-01-01 00:00:00 +0000
> +++ libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out      2016-12-09 21:56:43 +0000
> @@ -0,0 +1,15 @@
> +START
> +File: change_onexec_lp1648143.in
> +Event type: AA_RECORD_DENIED
> +Audit ID: 1481284511.494:2807
> +Operation: change_onexec
> +Profile: unconfined
> +Name: system_tor
> +Command: (tor)
> +Name2: system_tor
> +Namespace: root//lxd-tor_<var-lib-lxd>
> +Info: no new privs
> +ErrorCode: 1
> +PID: 18593
> +Epoch: 1481284511
> +Audit subid: 2807
> 
> === added file 'libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile'
> --- libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile  1970-01-01 00:00:00 +0000
> +++ libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile  2016-12-09 22:12:12 +0000
> @@ -0,0 +1,2 @@
> +profile unconfined {
> +}
> 
> 
> 
> Regards,
> 
> Christian Boltz
> 
> 
>