On Thu, Feb 23, 2017 at 12:49:46AM +0100, Christian Boltz wrote: > Hello, > > $subject. > That's much better than crashing aa-logprof ;-) (use the log line in > the added testcase if you want to see the crash) > > Reported by pfak on IRC. > > > I propose this patch for trunk, 2.10 and 2.9.
Acked for all three, thanks. Acked-by: Seth Arnold <[email protected]> > > > [ 01-logparser-unconfined-change_hat.diff ] > > --- utils/apparmor/logparser.py 2017-01-19 23:22:16.148279403 +0100 > +++ utils/apparmor/logparser.py 2017-02-23 00:21:24.402771048 +0100 > @@ -249,6 +249,8 @@ > if e['operation'] == 'change_hat': > if aamode != 'HINT' and aamode != 'PERMITTING': > return None > + if e['error_code'] == 1 and e['info'] == 'unconfined can not > change_hat': > + return None > profile = e['name2'] > #hat = None > if '//' in e['name2']: > === added file > 'libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.err' > === added file > 'libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.in' > --- libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.in > 1970-01-01 00:00:00 +0000 > +++ libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.in > 2017-02-22 23:15:02 +0000 > @@ -0,0 +1,1 @@ > +Feb 21 23:22:01 mail-20170118 kernel: [1222198.459750] audit: type=1400 > audit(1487719321.954:218): apparmor="ALLOWED" operation="change_hat" > info="unconfined can not change_hat" error=-1 profile="unconfined" pid=19941 > comm="apache2" > > === added file > 'libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.out' > --- libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.out > 1970-01-01 00:00:00 +0000 > +++ libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.out > 2017-02-22 23:15:17 +0000 > @@ -0,0 +1,12 @@ > +START > +File: unconfined-change_hat.in > +Event type: AA_RECORD_ALLOWED > +Audit ID: 1487719321.954:218 > +Operation: change_hat > +Profile: unconfined > +Command: apache2 > +Info: unconfined can not change_hat > +ErrorCode: 1 > +PID: 19941 > +Epoch: 1487719321 > +Audit subid: 218 > > === added file > 'libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.profile' > --- libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.profile > 1970-01-01 00:00:00 +0000 > +++ libraries/libapparmor/testsuite/test_multi/unconfined-change_hat.profile > 2017-02-22 23:20:06 +0000 > @@ -0,0 +1,2 @@ > +profile unconfined { > +} > >
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
