[apparmor] [patch] accept hostname with dots
Christian Boltz
apparmor at cboltz.de
Wed May 4 23:10:27 UTC 2016
Hello,
some people have the full hostname in their syslog messages, so
libapparmor needs to accept hostnames that contain dots.
References: https://bugs.launchpad.net/apparmor/+bug/1453300 comments
#1 and #2 (the log samples reported by scrx in #apparmor)
I propose this patch for trunk, 2.10 and 2.9.
BTW: are there other special chars that are valid in a hostname and
not covered by the regex?
[ accept-hostname-with-dot.diff ]
=== modified file 'libraries/libapparmor/src/scanner.l'
--- libraries/libapparmor/src/scanner.l 2015-06-02 08:00:29 +0000
+++ libraries/libapparmor/src/scanner.l 2016-05-04 22:23:48 +0000
@@ -178,7 +178,7 @@
hhmmss {digit}{2}{colon}{digit}{2}{colon}{digit}{2}
timezone ({plus}|{minus}){digit}{2}{colon}{digit}{2}
syslog_time {hhmmss}({period}{digits})?{timezone}?
-syslog_hostname [[:alnum:]_-]+
+syslog_hostname [[:alnum:]._-]+
dmesg_timestamp \[[[:digit:] ]{5,}\.[[:digit:]]{6,}\]
%x single_quoted_string
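Review bot: The widened class in syslog_hostname, [[:alnum:]._-]+, puts no structure on the token, so it now also matches strings made only of dots, a name with a leading or trailing dot, and dotted numbers such as the 964718.247816 that appears later in the sample line. Please confirm that this rule is only tried at the position right after the syslog timestamp, so the extra matches cannot shadow another token. A short comment above the definition saying that dots are accepted for fully qualified hostnames would also help. On the question in the mail: the class still accepts only alphanumerics, dot, underscore and dash, so a host field containing any other character (a colon, for example) would still be rejected.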
=== added file 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.err'
=== added file 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in'
--- libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in 1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in 2016-05-04 22:52:42 +0000
@@ -0,0 +1,1 @@
+Sep 14 18:49:13 mfa-mia-74-app-rabbitmq-1.mia.ix.int kernel: [964718.247816] type=1400 audit(1442256553.643:40143): apparmor="ALLOWED" operation="open" profile="/opt/evoke/venv/bin/gunicorn" name="/opt/evoke/venv/lib/python2.7/warnings.pyc" pid=28943 comm="gunicorn" requested_mask="r" denied_mask="r" fsuid=1000 ouid=110
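Review bot: The only input sample is a line taken from a user's report, and it carries what looks like an internal hostname (mfa-mia-74-app-rabbitmq-1.mia.ix.int) along with that system's profile and file paths. For a committed test fixture I would replace the host with a neutral multi-label name such as host.example.com. The test also covers just one positive case; a second sample with a short two-label name would show that the change is not tied to this particular hostname.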
=== added file 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out'
--- libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out 1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out 2016-05-04 22:54:55 +0000
@@ -0,0 +1,15 @@
+START
+File: syslog_hostname_with_dot.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1442256553.643:40143
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 110
+Profile: /opt/evoke/venv/bin/gunicorn
+Name: /opt/evoke/venv/lib/python2.7/warnings.pyc
+Command: gunicorn
+PID: 28943
+Epoch: 1442256553
+Audit subid: 40143
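Review bot: None of the 15 expected lines contains the hostname, so this .out file only shows that a line with a dotted hostname is no longer rejected and that the audit fields after it are extracted correctly. If that is the intended scope of the test, please say so in the commit message, so nobody reads it later as a check on how the hostname itself is parsed.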
Regards,
Christian Boltz
--
Malicious tongues claim that a signed certificate certifies to the
client that an unknown server operator has paid money to an unknown
CA operator. That is, of course, a rather useless guarantee for a
communication.
[http://blog.koehntopp.de/archives/3166-Not-Fixing-SSL.html]