[apparmor] [patch] logparser.py: do sanity check for all file events
Christian Boltz
apparmor at cboltz.de
Mon Feb 1 21:54:42 UTC 2016
Hello,
most probably-file log events can also be network events. Therefore
check for request_mask in all events, not only file_perm, file_inherit
and (from the latest bugreport) file_receive.
References: https://bugs.launchpad.net/apparmor/+bug/1540562
I propose this patch for trunk, 2.10 and 2.9.
[ 68-logparser-check-sanity-of-all-file-events.diff ]
--- utils/apparmor/logparser.py 2016-02-01 21:31:56.439302830 +0100
+++ utils/apparmor/logparser.py 2016-02-01 22:38:40.519637878 +0100
@@ -300,10 +300,10 @@
'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link',
'sysctl', 'getattr', 'setattr', 'xattr'] ):
- # for some reason, we get file_perm and file_inherit log events without request_mask, see
- # https://bugs.launchpad.net/apparmor/+bug/1466812/ and https://bugs.launchpad.net/apparmor/+bug/1509030
+ # for some kernel-side reason, we get file-related log events without request_mask, see
+ # https://bugs.launchpad.net/apparmor/+bug/1466812/, https://bugs.launchpad.net/apparmor/+bug/1509030 and https://bugs.launchpad.net/apparmor/+bug/1540562
# request_mask can also be '', see https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1525119
- if e['operation'] in ['file_perm', 'file_inherit'] and not e['request_mask']:
+ if not e['request_mask']:
self.debug_logger.debug('UNHANDLED (missing request_mask): %s' % e)
return None
Regards,
Christian Boltz
--
Linux - und dein PC macht nie wieder blau.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160201/1330b368/attachment.pgp>
More information about the AppArmor
mailing list