Hello Seth and John,
Thanks for your answers.
-
It seems that used version of apparmor parser has support for unix sockets
(I use 2.11):
on this
*$ echo "profile p { unix, }" | apparmor_parser -Qd*
I got the following output
* Warning from stdin (line 1): apparmor_parser: cannot use or update cache,
disable, or force-complain via stdin - Debugging built structures -
Name: p Profile Mode: Enforce unix (),*
-
Is it possible to back-port from v4.13 to the v4.4? There are a lot of
changes.
Well, it's not like I want you to do all the work for me, alright? Is it
possible to cooperate on this one?
I think that the main unix socket functionality was brought by this patch:
https://gitlab.com/apparmor/apparmor/blob/master/kernel-patches/v4.13/0017-UBUNTU-SAUCE-apparmor-af_unix-mediation.patch
What else should be added to the kernel?
2017-12-08 22:37 GMT+01:00 John Johansen :
> On 12/08/2017 08:20 AM, Viacheslav Salnikov wrote:
> > Hello,
> >
> > First of all, I googled and experimented. Didn't work out so well.
> >
> > I want to ensure that communication through unix socket is monitored by
> apparmor.
> > What should I do to make this happen?
> >
>
> As Seth mentioned you will need a kernel, and userspace that supports unix
> socket
> mediation.
>
> AppArmor 2.11 (latest release) supports unix socket rules.
>
> The Ubuntu kernels have supported unix socket mediation in some form since
> 14.10
>
> The patch does not currently exist in the upstream kernel but there is an
> out of tree patchset available, in the kernel-patches/ directory of the
> userspace project.
>
> You can find it in the release tarball, or gitlab.com/apparmor/apparmor
>
> you will want the v4.13 or v4.14 dir
>
>
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
