[pkg-apparmor] Bug#771400: apparmor-utils: aa-logprof/aa-genprof not updating policy
Simon Brandmair
sbrandmair at gmx.net
Sat Nov 29 07:55:46 UTC 2014
Package: apparmor-utils
Version: 2.9.0-2
Severity: important
I recently upgrade to jessie. I noticed now that aa-logprof/aa-genprof
(for apparmor) stopped working. When I try to create a new profile with
aa-genprof it doesn't add any rules while I see them in the logs. Same
with aa-logprof (both worked just fine in wheezy).
How to reproduce:
1. Make test script `/home/user/test-aa`:
#!/bin/sh
ls /
2. Run (as root) `aa-genprof /home/user/test-aa`
3. Run (as user) `/home/user/test-aa` which creates a log entry like:
kernel: audit: type=1400 audit(1417247026.817:51):
apparmor="ALLOWED" operation="open" profile="/home/user/test"
name="/" pid=2325 comm="ls" requested_mask="r" denied_mask="r"
fsuid=1000 ouid=0
4. When pressing (S)can in aa-genprof it reads:
Reading log entries from /var/log/syslog.
Profiling: /home/user/test
5. Profile is not updated. aa-genprof should have made an entry like:
/ r,
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (600, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages apparmor-utils depends on:
ii apparmor 2.9.0-2
ii libapparmor-perl 2.9.0-2
ii python3 3.4.2-1
ii python3-apparmor 2.9.0-2
apparmor-utils recommends no packages.
Versions of packages apparmor-utils suggests:
pn apparmor-docs <none>
pn vim-addon-manager <none>
-- Configuration Files:
/etc/apparmor/easyprof.conf 60bd3e4b5e848885c704540a6537d365 [Errno 2] No such file or directory: u'/etc/apparmor/easyprof.conf 60bd3e4b5e848885c704540a6537d365'
-- no debconf information
More information about the pkg-apparmor-team
mailing list