On 04/27/2012 12:16 AM, Jeroen Ooms wrote:
> Hi Steve,
>
>> As John said, aa_change_hat() merely requires the same value to
>> be passed in, not a pointer to the same memory location. Looking
>> at the git tree, you're once again hitting a type mis-match:
>> aa_change_hat_wrapper() and aa_revert_hat_wrapper() take a pointer
>> to an unsigned long (unsigned long*) as argument but then pass that
>> _pointer_ when calling aa_change_hat().
>
> Thanks a lot for catching this. By now it should be obvious that my
> experience with C is close to your experience with R. The pointers are
> still confusing me. I am used to programming in Java/Javascript where
> everything is a reference, or in R where everything is a value (no
> references at all). Either way, once my Ubuntu upgrade is done (only 3
> hours remaining) I am going to apply your patch and see if I can get
> things to work.
>
>> For your test profile, I added the following audit qualifiers so that I
>> knew when things were getting rejected:
>
> Ah cool I wasn't aware of this feature. Prefixing a line with audit
> will do some additional logging?
>
Yes. It causes a rule match to be audited, in addition to granting permission.

    /file r,        # grant r perm, does not audit
    audit /file r,  # grant r perm and log a message to audit

The audit qualifier is done at the permission level, so you can do things like

    /etc/shadow r,        # don't audit read access
    audit /etc/shadow w,  # but record write access

It is important to note that this is done at the permission request level (file open), instead of the actual read/write level. So requesting a file be opened for rw will trigger the audit, even if a write is never done.
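Added example, not part of the original message: a small Python filter that picks out log records produced by an audit-qualified write rule such as `audit /etc/shadow w,`. The log lines are constructed, and the key=value layout (`apparmor="AUDIT"`, `operation`, `requested_mask`) is assumed to follow the kernel's usual AppArmor audit format; each hit means write permission was requested at open time, not that data was written.

```python
import re
from collections import defaultdict

# Constructed sample records (not taken from the thread); profile name is hypothetical.
SAMPLE_LOG = """\
type=AVC msg=audit(1335485760.101:41): apparmor="AUDIT" operation="open" profile="/usr/bin/demo" name="/etc/shadow" pid=2101 comm="demo" requested_mask="w" fsuid=0 ouid=0
type=AVC msg=audit(1335485761.202:42): apparmor="AUDIT" operation="open" profile="/usr/bin/demo" name="/file" pid=2101 comm="demo" requested_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1335485762.303:43): apparmor="DENIED" operation="open" profile="/usr/bin/demo" name="/etc/passwd" pid=2101 comm="demo" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
type=AVC msg=audit(1335485763.404:44): apparmor="AUDIT" operation="open" profile="/usr/bin/demo" name="/etc/shadow" pid=2102 comm="demo" requested_mask="w" fsuid=0 ouid=0
"""

# key="quoted value" or key=bare_value
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Return the key=value fields of one audit record as a dict."""
    return {key: (quoted if quoted else bare)
            for key, quoted, bare in FIELD_RE.findall(line)}


def audited_write_requests(log_text):
    """Map (profile, path) -> operations for audit-rule hits that requested write."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("apparmor") != "AUDIT":
            continue  # skip DENIED and other record types
        if "w" not in rec.get("requested_mask", ""):
            continue  # audited, but only read permission was requested
        # The operation is "open": the record is cut when permission is
        # requested, so it does not prove a write() ever happened.
        hits[(rec.get("profile"), rec.get("name"))].append(rec.get("operation"))
    return dict(hits)


if __name__ == "__main__":
    for (profile, path), ops in audited_write_requests(SAMPLE_LOG).items():
        print(f"{profile}: write access requested on {path} via {ops}")
```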
