On Wed, Apr 20, 2016 at 11:52:46PM -0700, John Johansen wrote: > The current behavior is confusing as it causes exec failures to report > the executable is missing instead of identifying that apparmor > caused the failure. > > Signed-off-by: John Johansen <[email protected]>
Acked-by: Seth Arnold <[email protected]> Thanks > --- > security/apparmor/domain.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c > index dc0027b..67a7418 100644 > --- a/security/apparmor/domain.c > +++ b/security/apparmor/domain.c > @@ -433,7 +433,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm) > new_profile = > aa_get_newest_profile(ns->unconfined); > info = "ux fallback"; > } else { > - error = -ENOENT; > + error = -EACCES; > info = "profile not found"; > /* remove MAY_EXEC to audit as failure */ > perms.allow &= ~MAY_EXEC;
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
