Please consider this for a Jaunty Beta freeze exception. Attached is a debdiff to fix this issue; it also cherry-picks a couple of issues fixed upstream that came to light in testing this fix, namely a situation where the tools could generate an invalid apparmor profile, and where the tools would, in repeated invocations, ask about the same networking events, even though the profile in question had already been modified to allow them.

All the changes in question are limited to the apparmor-utils Perl module Immunix/SubDomain.pm; and as the tools do not correctly parse the generated log messages and thus are non-functional, the risk of regression from this fix is low, and should have no impact on the rest of the distribution. I have tested these changes in packages built for jaunty in my PPA, and as Dariusz Suchojad mentioned, he tested the same changes as applied to intrepid packages, also built from my PPA.

Thanks.

** Attachment added: "apparmor_2.3+1289-0ubuntu10.debdiff"
   http://launchpadlibrarian.net/24153775/apparmor_2.3%2B1289-0ubuntu10.debdiff

** Description changed:

+ Jaunty Beta Freeze Exception Request: please see comment
+ https://bugs.launchpad.net/ubuntu/jaunty/+source/apparmor/+bug/340183/comments/23
+ 
  Binary package hint: apparmor

  Hello,

  I'd say the bug report I'm opening is a duplicate of #294600, however Steve Beattie said #294600 was a dup of #271252, which deals with a completely different case. Not sure whether I should really open it as a new bug, but here it is anyway.

  aa-genprof generates an empty profile when it reads audit messages from /var/log/messages. It works fine, i.e. produces a non-empty profile, when auditd is installed.

  Take a look at the apparmor_var_log_messages.txt attachment - here you can see that aa-genprof asks no questions at all, it directly jumps to generating a new profile. After installing auditd it's a completely different situation; here aa-genprof has noticed there were some audit events generated and starts asking the questions.

  The first lines of both attachments are the sample log entries; they differ in the first two columns. It's

  type=1502 audit(1236632754.531:4542):

  in /var/log/messages and

  type=APPARMOR_ALLOWED msg=audit(1236632965.286:4973):

  in /var/log/audit/audit.log

  I'm not sure why they're different, but aa-genprof apparently chokes on the former while having no problems with the latter.

  It's auditd 1.7.4-1 and apparmor 1289-0ubuntu4.1 as reported by dpkg -l.

  I'd like to investigate it further; however, I'm not sure what to take a look at next. Can you please guide me a bit here?

  PS. By an empty profile I mean something like this

  #include <tunables/global>
  /home/dsuch/bin/ea.sh flags=(complain) {
    #include <abstractions/base>
  }

-- 
aa-genprof creates empty profiles from /var/log/messages entries (works fine with auditd)
https://bugs.launchpad.net/bugs/340183
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
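The two record headers quoted in the report, handled by one tolerant parser. This is an added example, not code from the bug report or from apparmor-utils; the names `parse_header` and `parse_all` are hypothetical, the numeric-to-name mapping follows the kernel's linux/audit.h, and the sample lines are constructed around the two headers the report quotes.

```python
import re

# AppArmor record types in the audit 1500 range (kernel linux/audit.h names).
AA_TYPES = {
    1501: "APPARMOR_AUDIT",
    1502: "APPARMOR_ALLOWED",
    1503: "APPARMOR_DENIED",
    1504: "APPARMOR_HINT",
    1505: "APPARMOR_STATUS",
    1506: "APPARMOR_ERROR",
}

# auditd form:  type=APPARMOR_ALLOWED msg=audit(1236632965.286:4973):
# syslog form:  type=1502 audit(1236632754.531:4542):
HEADER = re.compile(
    r"type=(?P<type>\d+|[A-Z_]+)\s+"
    r"(?:msg=)?audit\((?P<time>\d+\.\d+):(?P<serial>\d+)\):\s*"
    r"(?P<body>.*)$"
)

def parse_header(line):
    """Return a normalized AppArmor event header, or None if not one."""
    m = HEADER.search(line)
    if m is None:
        return None
    raw = m.group("type")
    # The kernel logs the numeric type to syslog; auditd writes the symbolic name.
    name = AA_TYPES.get(int(raw)) if raw.isdigit() else raw
    if name not in AA_TYPES.values():
        return None  # some other audit record type, not AppArmor
    return {"type": name, "time": float(m.group("time")),
            "serial": int(m.group("serial")), "body": m.group("body")}

# Constructed sample lines: only the two AppArmor headers come from the bug
# report; the syslog prefix and the "<event fields>" body are placeholders.
SAMPLES = [
    "Mar  9 21:05:54 host kernel: [  100.000000] type=1502 "
    "audit(1236632754.531:4542): <event fields>",
    "type=APPARMOR_ALLOWED msg=audit(1236632965.286:4973): <event fields>",
    "type=SYSCALL msg=audit(1236632965.286:4974): <event fields>",
]

def parse_all(lines):
    return [parse_header(line) for line in lines]

if __name__ == "__main__":
    for event in parse_all(SAMPLES):
        print(event)
```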
