agent 8131, apparmor 2.9.2-0ubuntu1 just landed in wily and contains a fix for this that attempts to only apply the transformation for file based events, specifically in http://bazaar.launchpad.net/~apparmor- dev/apparmor/2.9/revision/2905 , so you should no longer see this in wily.
Also, this version (2.9.2) of the python tools has been backported to trusty for an SRU. Please leave feedback on bug 1449769 if you are using trusty as to whether the proposed packages improves the usability of the tools in that release and if you discover significant regressions from it. Both 2.9.2 and the trusty SRU should also address the issue in Bug #1399027. Again, feedback in that bug on the trusty SRU would be greatly appreciated. Thanks for your patience! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1243932 Title: aa-logprof: Log contains unknown mode senw Status in AppArmor Linux application security framework: Fix Released Status in apparmor package in Ubuntu: Fix Released Bug description: [Impact] * aa-logprof does not work when dbus rule denials are present in the logs [Automated Test Case] * test_lp1243932_send, test_lp1243932_receive, and test_lp1243932_bind have been added to QRT's test-apparmor.py test script [Manual Test Case] * Load a profile that does not grant D-Bus access and create a D-Bus denial. Then, test aa-logprof. $ echo "profile lp1243932 { file, }" | sudo apparmor_parser -rq $ aa-exec -p lp1243932 -- dbus-send --print-reply --system \ --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.ListNames Failed to open connection to "system" message bus: An AppArmor policy prevents this sender from sending this message to this recipient, 0 matched rules; type="method_call", sender="(null)" (inactive) interface="org.freedesktop.DBus" member="Hello" error name="(unset)" requested_reply="0" destination="org.freedesktop.DBus" (bus) $ aa-logprof -f /dev/null Reading log entries from /dev/null. Updating AppArmor profiles in /etc/apparmor.d. An unpatched aa-logprof will print similar output followed by: Log contains unknown mode senw. [Regression Potential] * The regression potential is low since aa-logprof currently refuses to work when D-Bus denials are present. The fix is minimal and has been reviewed by upstream. [Original Bug Report] since saucy aa-logprof does not work anymore: $ aa-logprof Reading log entries from /var/log/syslog. Updating AppArmor profiles in /etc/apparmor.d. Log contains unknown mode senw. the issues seem to be caused by dbus send denies: Oct 23 19:52:56 ubuntu dbus[2594]: apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="Hello" mask="send" name="org.freedesktop.DBus" pid=3552 profile="/usr/bin/smuxi-frontend-gnome" peer_profile="unconfined" 23:16 <tyhicks> my guess is the denial of a dbus send 23:16 <tyhicks> senw is awful close to send 23:17 <tyhicks> parse_event() in AppArmor.pm does this: 23:18 <tyhicks> $rmask =~ s/d/w/g; 23:18 <tyhicks> followed by: 23:18 <tyhicks> fatal_error(sprintf(gettext('Log contains unknown mode %s.'), $rmask)); ubuntu 13.10 amd64. apparmor-utils: Installed: 2.8.0-0ubuntu31 Candidate: 2.8.0-0ubuntu31 Version table: *** 2.8.0-0ubuntu31 0 500 http://de.archive.ubuntu.com/ubuntu/ saucy/main amd64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1243932/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp