Public bug reported:
Rsyslog is a daemon installed on all Ubuntu systems and processes
unfiltered input. While it has a solid design, it would be nice if we
could provide an AppArmor profile for it that people can opt into. The
profile can be enabled in the normal way 'sudo aa-enforce
/etc/apparmor.d/usr.sbin.rsyslogd' and is expected to work in the
default installation.
While it would be very desirable to turn this on by default in the
future, I don't think we should for 12.04 since getting the profile
wrong would result in no logging outout. Also, rsyslog is difficult to
maintain because it is highly configurable, however the default profile
should cover many use cases when writing files in /var/log.
** Affects: rsyslog (Ubuntu)
Importance: Wishlist
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Affects: rsyslog (Ubuntu Precise)
Importance: Wishlist
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Also affects: rsyslog (Ubuntu Precise)
Importance: Undecided
Status: New
** Changed in: rsyslog (Ubuntu Precise)
Importance: Undecided => Wishlist
** Changed in: rsyslog (Ubuntu Precise)
Status: New => In Progress
** Changed in: rsyslog (Ubuntu Precise)
Milestone: None => precise-alpha-2
** Changed in: rsyslog (Ubuntu Precise)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/914820
Title:
add disabled by default apparmor profile
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/914820/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
