** Changed in: apparmor
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1432045
Title:
pivot_root audit modifier ignored when oldroot and newroot specified
Status in AppArmor Linux application security framework:
Fix Released
Status in apparmor package in Ubuntu:
Fix Released
Bug description:
$ echo "/t { pivot_root oldroot=/ /a, }" | apparmor_parser -qS | md5sum
422b222b6608dff7aca3420062aad3db -
$ echo "/t { audit pivot_root oldroot=/ /a, }" | apparmor_parser -qS | md5sum
422b222b6608dff7aca3420062aad3db -
$ echo "/t { audit deny pivot_root oldroot=/ /a, }" | apparmor_parser -qS |
md5sum
9e598c327781b16acdab2d3e939279ec -
Note that the audit modifier doesn't change the binary policy file but
the audit deny modifier does.
Also, the binary policy file changes as expected on "audit
pivot_root," and "audit pivot_root oldroot=/,". That is, this bug only
seems to happen when oldroot and newroot are both specified.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1432045/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
