** Description changed: The AF_UNIX unnamed dgram tests that involve a peer label are failing. Note that only the dgram tests of unix_socket_unnamed.sh result in this failure. The identical stream and seqpacket tests pass. It seems like the socket labeling may be applied differently between connected and connectionless sockets. + + Note that you need a branch of lp:apparmor at r2715 or newer plus the + following patch to reproduce this failure: + + https://lists.ubuntu.com/archives/apparmor/2014-September/006534.html * The test failures: Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (peer label w/ implicit perms)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (peer label w/ explicit perms)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (peer label, peer addr)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (type, peer label, peer addr)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (type, addr, peer label)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (type, addr, peer label, peer addr)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' * The denial from the first failed test is: apparmor="DENIED" operation="sendmsg" profile="/home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket" pid=15736 comm="unix_socket_cli" family="unix" sock_type="dgram" protocol=0 requested_mask="receive" denied_mask="receive" addr=none peer_addr=none peer="unconfined" * The profile for the first failed test is: /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket { - /etc/ld.so.cache r, - /proc/*/attr/current w, - /dev/urandom r, - /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket rix, - /lib/x86_64-linux-gnu/libc-2.19.so mr, - /lib/x86_64-linux-gnu/ld-2.19.so rix, - /tmp/sdtest.14144-11270-bx3zOK/output.unix_socket w, - /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket_client Ux, - unix (create,getopt,setopt,shutdown), - unix peer=(label=/home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket), + /etc/ld.so.cache r, + /proc/*/attr/current w, + /dev/urandom r, + /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket rix, + /lib/x86_64-linux-gnu/libc-2.19.so mr, + /lib/x86_64-linux-gnu/ld-2.19.so rix, + /tmp/sdtest.14144-11270-bx3zOK/output.unix_socket w, + /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket_client Ux, + unix (create,getopt,setopt,shutdown), + unix peer=(label=/home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket), } - --- + --- ApportVersion: 2.14.7-0ubuntu2 Architecture: amd64 DistroRelease: Ubuntu 14.10 HibernationDevice: RESUME=UUID=4001a47a-4b23-4a0a-9301-da2c20cb2d34 InstallationDate: Installed on 2014-05-01 (145 days ago) InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20140501) IwConfig: - eth0 no wireless extensions. - - lo no wireless extensions. + eth0 no wireless extensions. + + lo no wireless extensions. Lsusb: Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub MachineType: QEMU Standard PC (i440FX + PIIX, 1996) Package: linux (not installed) ProcFB: - + ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-17-generic root=UUID=9f38a1c7-dfce-4e54-b8d9-5d6ee0b7874c ro quiet splash ProcVersionSignature: User Name 3.16.0-17.23-generic 3.16.3 RelatedPackageVersions: - linux-restricted-modules-3.16.0-17-generic N/A - linux-backports-modules-3.16.0-17-generic N/A - linux-firmware 1.134 + linux-restricted-modules-3.16.0-17-generic N/A + linux-backports-modules-3.16.0-17-generic N/A + linux-firmware 1.134 RfKill: - + Tags: utopic Uname: Linux 3.16.0-17-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo _MarkForUpload: True dmi.bios.date: 01/01/2011 dmi.bios.vendor: Bochs dmi.bios.version: Bochs dmi.chassis.type: 1 dmi.chassis.vendor: Bochs dmi.modalias: dmi:bvnBochs:bvrBochs:bd01/01/2011:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-trusty:cvnBochs:ct1:cvr: dmi.product.name: Standard PC (i440FX + PIIX, 1996) dmi.product.version: pc-i440fx-trusty dmi.sys.vendor: QEMU
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1373172 Title: unix_socket_unnamed.sh confined server dgram peer label tests fail Status in “linux” package in Ubuntu: Triaged Bug description: The AF_UNIX unnamed dgram tests that involve a peer label are failing. Note that only the dgram tests of unix_socket_unnamed.sh result in this failure. The identical stream and seqpacket tests pass. It seems like the socket labeling may be applied differently between connected and connectionless sockets. Note that you need a branch of lp:apparmor at r2715 or newer plus the following patch to reproduce this failure: https://lists.ubuntu.com/archives/apparmor/2014-September/006534.html * The test failures: Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (peer label w/ implicit perms)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (peer label w/ explicit perms)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (peer label, peer addr)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (type, peer label, peer addr)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (type, addr, peer label)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' Error: unix_socket failed. Test 'AF_UNIX unnamed socket (dgram); confined server (type, addr, peer label, peer addr)' was expected to 'pass'. Reason for failure 'FAIL CLIENT - sendto: Permission denied FAIL - recvfrom: Resource temporarily unavailable' * The denial from the first failed test is: apparmor="DENIED" operation="sendmsg" profile="/home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket" pid=15736 comm="unix_socket_cli" family="unix" sock_type="dgram" protocol=0 requested_mask="receive" denied_mask="receive" addr=none peer_addr=none peer="unconfined" * The profile for the first failed test is: /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket { /etc/ld.so.cache r, /proc/*/attr/current w, /dev/urandom r, /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket rix, /lib/x86_64-linux-gnu/libc-2.19.so mr, /lib/x86_64-linux-gnu/ld-2.19.so rix, /tmp/sdtest.14144-11270-bx3zOK/output.unix_socket w, /home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket_client Ux, unix (create,getopt,setopt,shutdown), unix peer=(label=/home/tyhicks/apparmor.git/tests/regression/apparmor/unix_socket), } --- ApportVersion: 2.14.7-0ubuntu2 Architecture: amd64 DistroRelease: Ubuntu 14.10 HibernationDevice: RESUME=UUID=4001a47a-4b23-4a0a-9301-da2c20cb2d34 InstallationDate: Installed on 2014-05-01 (145 days ago) InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20140501) IwConfig: eth0 no wireless extensions. lo no wireless extensions. Lsusb: Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub MachineType: QEMU Standard PC (i440FX + PIIX, 1996) Package: linux (not installed) ProcFB: ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-17-generic root=UUID=9f38a1c7-dfce-4e54-b8d9-5d6ee0b7874c ro quiet splash ProcVersionSignature: User Name 3.16.0-17.23-generic 3.16.3 RelatedPackageVersions: linux-restricted-modules-3.16.0-17-generic N/A linux-backports-modules-3.16.0-17-generic N/A linux-firmware 1.134 RfKill: Tags: utopic Uname: Linux 3.16.0-17-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo _MarkForUpload: True dmi.bios.date: 01/01/2011 dmi.bios.vendor: Bochs dmi.bios.version: Bochs dmi.chassis.type: 1 dmi.chassis.vendor: Bochs dmi.modalias: dmi:bvnBochs:bvrBochs:bd01/01/2011:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-trusty:cvnBochs:ct1:cvr: dmi.product.name: Standard PC (i440FX + PIIX, 1996) dmi.product.version: pc-i440fx-trusty dmi.sys.vendor: QEMU To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1373172/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp