** Changed in: apparmor (Ubuntu)
Importance: Medium => Low
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/670639
Title:
apparmor_parser dfa dominance is incorrect
Status in “apparmor” package in Ubuntu:
Triaged
Bug description:
Binary package hint: apparmor
On up to date Maverick, the following will not parse:
$ cat /tmp/bug_fails
#include <tunables/global>
profile confined_user {
#include <abstractions/base>
#include <abstractions/bash>
#include <abstractions/consoles>
#include <abstractions/nameservice>
deny capability sys_ptrace,
owner /** rwkl,
@{PROC}/** r,
/bin/** Pixmr,
/usr/bin/** Pixmr,
owner @{HOMEDIRS}/bin/** Pixmr,
}
$ apparmor_parser -S /tmp/bug_fails >/dev/null
failed user merge 0xa7f 0x201
failed user merge 0xa7f 0x201
ERROR processing regexs for profile confined_user, failed to load
But this will:
$ cat /tmp/bug_works
#include <tunables/global>
profile confined_user {
#include <abstractions/base>
#include <abstractions/bash>
#include <abstractions/consoles>
#include <abstractions/nameservice>
deny capability sys_ptrace,
owner /** rwkl,
@{PROC}/** r,
/bin/** Pixmr,
/usr/bin/** Pixmr,
owner @{HOMEDIRS}/bin/** ixmr,
}
$ apparmor_parser -S /tmp/bug_works >/dev/null
Attached are the profiles and output from apparmor_parser -p.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/670639/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
