[Pkg-libvirt-maintainers] Bug#878203: [pkg-apparmor] Bug#878203: Bug#878203: Bug#878203: AA breaks libvirt when running with kernel 4.13
Christian Boltz
debian-bugs at cboltz.de
Mon Oct 23 17:10:50 UTC 2017
Hello,
On Monday, 23 October 2017, 09:14:52 CEST, intrigeri wrote:
> > 2017-10-11T14:43:54.683220+02:00 pluto kernel: [ 355.112941] audit:
> > type=1400 audit(1507725834.681:55): apparmor="DENIED"
> > operation="open"
> > profile="libvirt-4e5a8920-a2a1-4c6b-b7f1-528c20878cdd"
> > name="/proc/684/cmdline" pid=3154 comm="qemu-system-x86"
> > requested_mask="r" denied_mask="r" fsuid=114 ouid=0
> Shall we silence the denial or allow it
No idea about that, but...
> (possibly prefixed with "owner" to avoid increasing the attack
> surface too much)?
Have a look at the denial again - fsuid != ouid, so you can't use an
owner rule.
Also, the pid is not the same as in the /proc/*/cmdline name, so please
use @{pids}, not the (planned-to-be-restricted-to-own-pid) @{pid}
variable.
Regards,
Christian Boltz
--
A killfile is the natural habitat of trolls and elks. When
someone joins them, funny noises result, such as PLONK.
Sometimes it also goes SPLASH, when the habitat is already
overpopulated. [David Dahlberg]
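
The two checks made in the reply above, applied to the quoted denial, as an added example that is not part of the original message or of the AppArmor or libvirt code. The function names are hypothetical, and the emitted rule line is only a sketch that assumes the stock `@{PROC}`, `@{pid}` and `@{pids}` tunables; whether to allow or deny is left open, as in the thread.

```python
import re

# The denial quoted in the message above, joined onto one line.
DENIAL = ('type=1400 audit(1507725834.681:55): apparmor="DENIED" '
          'operation="open" '
          'profile="libvirt-4e5a8920-a2a1-4c6b-b7f1-528c20878cdd" '
          'name="/proc/684/cmdline" pid=3154 comm="qemu-system-x86" '
          'requested_mask="r" denied_mask="r" fsuid=114 ouid=0')

FIELD = re.compile(r'(\w+)=("([^"]*)"|\S+)')
PROC_PID = re.compile(r'^/proc/(\d+)(/.*)?$')


def parse_denial(line):
    """Return the key=value fields of an AppArmor audit record as a dict."""
    fields = {}
    for key, raw, quoted in FIELD.findall(line):
        fields[key] = quoted if raw.startswith('"') else raw
    return fields


def rule_constraints(fields):
    """Apply the reply's two checks to a denial on a /proc/<pid>/... path."""
    m = PROC_PID.match(fields["name"])
    if m is None:
        raise ValueError("not a /proc/<pid>/ path: " + fields["name"])
    target_pid, rest = int(m.group(1)), m.group(2) or ""
    # An "owner" rule only matches when the task's fsuid owns the object.
    owner_ok = fields["fsuid"] == fields["ouid"]
    # @{pid} is planned to be restricted to the task's own pid, so a
    # denial on another task's /proc entry needs @{pids} instead.
    own_pid = target_pid == int(fields["pid"])
    var = "@{pid}" if own_pid else "@{pids}"
    prefix = "owner " if owner_ok else ""
    # Allow form shown; the same path with a "deny" qualifier would
    # silence the denial instead.
    rule = f"{prefix}@{{PROC}}/{var}{rest} {fields['denied_mask']},"
    return {"target_pid": target_pid, "owner_rule_matches": owner_ok,
            "own_pid": own_pid, "pid_variable": var, "rule": rule}


if __name__ == "__main__":
    print(rule_constraints(parse_denial(DENIAL)))
```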