[pkg-apparmor] Bug#877581: Patch

Vincas Dargis vindrg at gmail.com
Thu Oct 5 18:17:35 UTC 2017


Indeed, with 4.14 I got my first Debian network (potential) denies (yay! :-D ):

type=AVC msg=audit(1507226290.361:585): apparmor="ALLOWED" operation="recvmsg" profile="/usr/sbin/avahi-daemon" pid=526 
comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=SYSCALL msg=audit(1507226290.361:585): arch=c000003e syscall=47 success=yes exit=394 a0=a a1=7ffc32295f60 
a2=40000000 a3=7ffc322960c0 items=0 ppid=1 pid=526 auid=4294967295 uid=116 gid=119 euid=116 suid=116 fsuid=116 egid=119 
sgid=119 fsgid=119 tty=(none) ses=4294967295 comm="avahi-daemon" exe="/usr/sbin/avahi-daemon" key=(null)
type=PROCTITLE msg=audit(1507226290.361:585): proctitle=2F7573722F7362696E2F61766168692D6461656D6F6E002D73

type=AVC msg=audit(1507226290.377:601): apparmor="ALLOWED" operation="sendmsg" profile="/usr/sbin/avahi-daemon" pid=526 
comm="avahi-daemon" family="unix" sock_type="dgram" protocol=0 requested_mask="send" denied_mask="send"
type=SYSCALL msg=audit(1507226290.377:601): arch=c000003e syscall=44 success=yes exit=61 a0=4 a1=55b432e7f5e0 a2=3d 
a3=4000 items=0 ppid=1 pid=526 auid=4294967295 uid=116 gid=119 euid=116 suid=116 fsuid=116 egid=119 sgid=119 fsgid=119 
tty=(none) ses=4294967295 comm="avahi-daemon" exe="/usr/sbin/avahi-daemon" key=(null)
type=PROCTITLE msg=audit(1507226290.377:601): proctitle=2F7573722F7362696E2F61766168692D6461656D6F6E002D73

type=AVC msg=audit(1507226290.397:613): apparmor="ALLOWED" operation="create" profile="/usr/sbin/avahi-daemon" pid=526 
comm="avahi-daemon" family="unix" sock_type="dgram" protocol=0 requested_mask="create" denied_mask="create"
type=SYSCALL msg=audit(1507226290.397:613): arch=c000003e syscall=41 success=yes exit=3 a0=1 a1=80002 a2=0 a3=73 items=0 
ppid=1 pid=526 auid=4294967295 uid=116 gid=119 euid=116 suid=116 fsuid=116 egid=119 sgid=119 fsgid=119 tty=(none) 
ses=4294967295 comm="avahi-daemon" exe="/usr/sbin/avahi-daemon" key=(null)
type=PROCTITLE msg=audit(1507226290.397:613): proctitle=2F7573722F7362696E2F61766168692D6461656D6F6E002D73

Also, these lines look strange to me (multiple AVC and then SYSCALL/PROC...):

type=AVC msg=audit(1507226290.397:616): apparmor="ALLOWED" operation="file_perm" profile="/usr/sbin/avahi-daemon" 
pid=526 comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=AVC msg=audit(1507226290.397:616): apparmor="ALLOWED" operation="file_perm" profile="/usr/sbin/avahi-daemon" 
pid=526 comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=AVC msg=audit(1507226290.397:616): apparmor="ALLOWED" operation="recvmsg" profile="/usr/sbin/avahi-daemon" pid=526 
comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=SYSCALL msg=audit(1507226290.397:616): arch=c000003e syscall=0 success=yes exit=0 a0=5 a1=7ffc322960de a2=1 a3=67 
items=0 ppid=1 pid=526 auid=4294967295 uid=116 gid=119 euid=116 suid=116 fsuid=116 egid=119 sgid=119 fsgid=119 
tty=(none) ses=4294967295 comm="avahi-daemon" exe="/usr/sbin/avahi-daemon" key=(null)
type=PROCTITLE msg=audit(1507226290.397:616): proctitle=2F7573722F7362696E2F61766168692D6461656D6F6E002D73

Anyway, the patch suggested by Christian Boltz, which is attached, fixes these issues.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fix-nameservice.patch
Type: text/x-patch
Size: 626 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-apparmor-team/attachments/20171005/ab2221f3/attachment.bin>
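
Audit records that share the same `audit(timestamp:serial)` identifier belong to one event, so the AVC, SYSCALL and PROCTITLE lines quoted in the message can be grouped on that key. The following is an added example, not part of the original message or of the AppArmor project: the function names are hypothetical, and the sample holds the records for events 613 and 616 abbreviated from the message.

```python
import re

# Records abbreviated from the message above: wrapped lines rejoined and
# most SYSCALL fields dropped; values are otherwise as quoted there.
SAMPLE = """\
type=AVC msg=audit(1507226290.397:613): apparmor="ALLOWED" operation="create" profile="/usr/sbin/avahi-daemon" pid=526 comm="avahi-daemon" family="unix" sock_type="dgram" protocol=0 requested_mask="create" denied_mask="create"
type=SYSCALL msg=audit(1507226290.397:613): arch=c000003e syscall=41 success=yes exit=3 pid=526 comm="avahi-daemon"
type=PROCTITLE msg=audit(1507226290.397:613): proctitle=2F7573722F7362696E2F61766168692D6461656D6F6E002D73
type=AVC msg=audit(1507226290.397:616): apparmor="ALLOWED" operation="file_perm" profile="/usr/sbin/avahi-daemon" pid=526 comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=AVC msg=audit(1507226290.397:616): apparmor="ALLOWED" operation="file_perm" profile="/usr/sbin/avahi-daemon" pid=526 comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=AVC msg=audit(1507226290.397:616): apparmor="ALLOWED" operation="recvmsg" profile="/usr/sbin/avahi-daemon" pid=526 comm="avahi-daemon" family="unix" sock_type="stream" protocol=0 requested_mask="receive" denied_mask="receive"
type=SYSCALL msg=audit(1507226290.397:616): arch=c000003e syscall=0 success=yes exit=0 pid=526 comm="avahi-daemon"
type=PROCTITLE msg=audit(1507226290.397:616): proctitle=2F7573722F7362696E2F61766168692D6461656D6F6E002D73
"""

HEADER = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+):(\d+)\): (.*)')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_events(text):
    """Group audit records by their (timestamp, serial) event identifier."""
    events = {}
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if not m:
            continue  # skip anything that is not an audit record
        rtype, ts, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        events.setdefault((ts, serial), []).append((rtype, fields))
    return events

def summarize(events):
    """One row per event: syscall number, decoded argv, unique AppArmor accesses."""
    rows = []
    for (_ts, serial), records in events.items():
        row = {"serial": serial, "syscall": None, "argv": None, "avc_count": 0, "rules": []}
        for rtype, f in records:
            if rtype == "AVC":
                row["avc_count"] += 1
                rule = (f.get("operation"), f.get("family"), f.get("sock_type"), f.get("requested_mask"))
                if rule not in row["rules"]:  # collapse repeated AVC records
                    row["rules"].append(rule)
            elif rtype == "SYSCALL":
                row["syscall"] = f.get("syscall")
            elif rtype == "PROCTITLE":
                # Assumes the hex form seen in the message: argv joined by NUL bytes.
                row["argv"] = bytes.fromhex(f["proctitle"]).decode(errors="replace").split("\x00")
        rows.append(row)
    return rows

if __name__ == "__main__":
    for row in summarize(parse_events(SAMPLE)):
        print(row)
```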

