On Thu, May 05, 2016 at 01:10:27AM +0200, Christian Boltz wrote: > Hello, > > some people have the full hostname in their syslog messages, so > libapparmor needs to accept hostnames that contain dots. > > > References: https://bugs.launchpad.net/apparmor/+bug/1453300 comments > #1 and #2 (the log samples reported by scrx in #apparmor) > > > I propose this patch for trunk, 2.10 and 2.9.
Acked-by: Seth Arnold <[email protected]> .. though I'm worried that this kind of patch may break something subtle. So I'd like to make sure that you've tried compile and tests with this patch first? Sure, it _looks_ right, but flex is a funny creature. Thanks > > > BTW: are there other special chars that are valid in a hostname and > not covered by the regex? > > > [ accept-hostname-with-dot.diff ] > > === modified file 'libraries/libapparmor/src/scanner.l' > --- libraries/libapparmor/src/scanner.l 2015-06-02 08:00:29 +0000 > +++ libraries/libapparmor/src/scanner.l 2016-05-04 22:23:48 +0000 > @@ -178,7 +178,7 @@ > hhmmss {digit}{2}{colon}{digit}{2}{colon}{digit}{2} > timezone ({plus}|{minus}){digit}{2}{colon}{digit}{2} > syslog_time {hhmmss}({period}{digits})?{timezone}? > -syslog_hostname [[:alnum:]_-]+ > +syslog_hostname [[:alnum:]._-]+ > dmesg_timestamp \[[[:digit:] ]{5,}\.[[:digit:]]{6,}\] > > %x single_quoted_string > > === added file > 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.err' > === added file > 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in' > --- libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in > 1970-01-01 00:00:00 +0000 > +++ libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.in > 2016-05-04 22:52:42 +0000 > @@ -0,0 +1,1 @@ > +Sep 14 18:49:13 mfa-mia-74-app-rabbitmq-1.mia.ix.int kernel: [964718.247816] > type=1400 audit(1442256553.643:40143): apparmor="ALLOWED" operation="open" > profile="/opt/evoke/venv/bin/gunicorn" > name="/opt/evoke/venv/lib/python2.7/warnings.pyc" pid=28943 comm="gunicorn" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=110 > > === added file > 'libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out' > --- libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out > 1970-01-01 00:00:00 +0000 > +++ libraries/libapparmor/testsuite/test_multi/syslog_hostname_with_dot.out > 2016-05-04 22:54:55 +0000 > @@ -0,0 +1,15 @@ > +START > +File: syslog_hostname_with_dot.in > +Event type: AA_RECORD_ALLOWED > +Audit ID: 1442256553.643:40143 > +Operation: open > +Mask: r > +Denied Mask: r > +fsuid: 1000 > +ouid: 110 > +Profile: /opt/evoke/venv/bin/gunicorn > +Name: /opt/evoke/venv/lib/python2.7/warnings.pyc > +Command: gunicorn > +PID: 28943 > +Epoch: 1442256553 > +Audit subid: 40143 >
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
