On Thu, Dec 01, 2016 at 04:13:26PM -0800, John Johansen wrote:
> aa-unconfined currently does not check/display ipv6 fix this

Sorry to say this isn't sufficient to fix the issue. To test, run in one
terminal:

nc -6 -l 1234

and check that aa-unconfined still doesn't show the process.

The regex_tcp_udp line needs to be updated to at least allow an optional
'6':

-    regex_tcp_udp = 
re.compile(r"^(tcp|udp)\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\s+)\s+(\d+)\/(\S+)")
+    regex_tcp_udp = 
re.compile(r"^(tcp|udp)6?\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\s+)\s+(\d+)\/(\S+)")

-------------------------------------------^^

While these changes are sufficient for my simple test to work, I haven't
yet tried binding to specific IPv6 addresses.

Thanks

Attachment: signature.asc
Description: PGP signature

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to