[apparmor] [patch] accept hostname with dots

Seth Arnold seth.arnold at canonical.com
Thu May 5 00:54:13 UTC 2016


On Thu, May 05, 2016 at 01:10:27AM +0200, Christian Boltz wrote:
> Hello,
> 
> some people have the full hostname in their syslog messages, so
> libapparmor needs to accept hostnames that contain dots.
> 
> 
> References: https://bugs.launchpad.net/apparmor/+bug/1453300 comments
>             #1 and #2 (the log samples reported by scrx in #apparmor)
> 
> 
> I propose this patch for trunk, 2.10 and 2.9.

Acked-by: Seth Arnold <seth.arnold at canonical.com>

.. though I'm worried that this kind of patch may break something subtle.
So I'd like to make sure that you've tried compiling and running the tests with this
patch first? Sure, it _looks_ right, but flex is a funny creature.

Thanks

> 
> 
> BTW: are there other special chars that are valid in a hostname and
> not covered by the regex?
> 
> 
> [ accept-hostname-with-dot.diff ]
> 
> === modified file 'libraries/libapparmor/src/scanner.l'
> --- libraries/libapparmor/src/scanner.l 2015-06-02 08:00:29 +0000
> +++ libraries/libapparmor/src/scanner.l 2016-05-04 22:23:48 +0000
> @@ -178,7 +178,7 @@
>  hhmmss                 {digit}{2}{colon}{digit}{2}{colon}{digit}{2}
>  timezone               ({plus}|{minus}){digit}{2}{colon}{digit}{2}
>  syslog_time            {hhmmss}({period}{digits})?{timezone}?
> -syslog_hostname                [[:alnum:]_-]+
> +syslog_hostname                [[:alnum:]._-]+
>  dmesg_timestamp                \[[[:digit:] ]{5,}\.[[:digit:]]{6,}\]
>  
>  %x single_quoted_string
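
Review bot: The widened class on the `+syslog_hostname` line, `[[:alnum:]._-]+`, now also matches tokens that are not hostnames (a lone `.`, `..`, a name with a leading or trailing dot) and digit runs with a period in them, which is the same shape as the `{period}{digits}` fragment `syslog_time` uses two lines above. Flex takes the longest match, so please confirm which start conditions `syslog_hostname` is active in and that a fractional-seconds timestamp cannot be consumed as a hostname there. A one-line comment above the definition saying that the dot is for fully qualified names would help the next reader. On the "other special chars" question: the class has no `:`, so a host field holding an IPv6 address would still not match.
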
> 
> === added file 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.err'
> === added file 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in'
> --- libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in      1970-01-01 00:00:00 +0000
> +++ libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in      2016-05-04 22:52:42 +0000
> @@ -0,0 +1,1 @@
> +Sep 14 18:49:13 mfa-mia-74-app-rabbitmq-1.mia.ix.int kernel: [964718.247816] type=1400 audit(1442256553.643:40143): apparmor="ALLOWED" operation="open" profile="/opt/evoke/venv/bin/gunicorn" name="/opt/evoke/venv/lib/python2.7/warnings.pyc" pid=28943 comm="gunicorn" requested_mask="r" denied_mask="r" fsuid=1000 ouid=110
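
Review bot: The sample line added to `syslog_hostname_with_dot.in` carries what looks like a real internal hostname, `mfa-mia-74-app-rabbitmq-1.mia.ix.int`, along with application paths, and the commit message says the log samples came from a user's report. The test only needs a hostname with dots in it, so consider substituting a reserved name such as `host-1.example.com` before this lands in the test suite; the expected output does not depend on the hostname, so the `.out` file would not change.
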
> 
> === added file 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out'
> --- libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out     1970-01-01 00:00:00 +0000
> +++ libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out     2016-05-04 22:54:55 +0000
> @@ -0,0 +1,15 @@
> +START
> +File: syslog_hostname_with_dot.in
> +Event type: AA_RECORD_ALLOWED
> +Audit ID: 1442256553.643:40143
> +Operation: open
> +Mask: r
> +Denied Mask: r
> +fsuid: 1000
> +ouid: 110
> +Profile: /opt/evoke/venv/bin/gunicorn
> +Name: /opt/evoke/venv/lib/python2.7/warnings.pyc
> +Command: gunicorn
> +PID: 28943
> +Epoch: 1442256553
> +Audit subid: 40143
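
Review bot: None of the 15 expected lines in `syslog_hostname_with_dot.out` records the hostname, so this test shows only that the whole line parses into a record, not that the dotted name was taken as the hostname token. That is likely all test_multi can check, but it is worth stating in the commit message that the test verifies a successful parse, and worth confirming that `syslog_hostname_with_dot.err`, listed above as added with no content, is meant to be empty.
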
> 