[apparmor] Pidgin, 4.14, and App Armor Oops.

John Johansen john.johansen at canonical.com
Tue Nov 21 21:47:31 UTC 2017


On 11/21/2017 12:35 PM, Zephaniah E. Loss-Cutler-Hull wrote:
> On 11/21/2017 09:49 AM, John Johansen wrote:
>> On 11/21/2017 12:06 AM, Zephaniah E. Loss-Cutler-Hull wrote:
>>> Alright, trying again, this time with my mail settings to actually send
>>> as plain text, and with some more detail.
>>>
>>> I am running Ubuntu 16.04, with a mainline 4.14 kernel.
>>>
>>
>> So this is a new one, I just (minutes appart) got another report of a similar
>> oops that looks very similar.
>>
>> The detail with pidgin should help track this down. Can you send me your
>> pidgin profile?
> 
> I can, but how about a much smaller test case?
> 
> The short version, applications running under an app armor profile can
> no longer send signals.
> 
> sudo cp /bin/kill /tmp/
> 
> Make a new profile:
> /etc/apparmor.d/tmp.kill (Included, very very basic)
> 
> Try and run it:
> 
> ~$ /tmp/kill -0 19087
> zsh: killed     /tmp/kill -0 19087
> 
> Other signals such as SIGHUP trigger the same impact.
> 

Interesting, I couldn't replicate so I set up fresh install of
16.04, and a clean build of 4.14 (checking out
bebc6082da0a9f5d47a1ea2edc099bf671058bd4)

What is your parser version?
  apparmor_parser -V

What kernel commit is your kernel built from, if not a fully
upstream kernel what is the upstream commit you are basing
your kernel build on (so I can at least come close).


Can you send me your kernel config? Its possible its due to
a difference in the configs of the kernels we are testing with


thanks
john




More information about the AppArmor mailing list