Hello, on Donnerstag, 18. August 2011, Peter Czanik wrote:
On 08/18/2011 10:25 AM, Sascha Peilicke wrote:
On Thursday 18 August 2011 10:17:23 Peter Czanik wrote:
syslog-ng in factory and ran into an interesting problem: ... It works fine when I disable AppArmor. Any hints why I get "Operation not permitted", when access to the file is actually allowed?
For the records: /var/log/audit/audit.log will always provide hints ;-)
@CBoltz: Clearly a job for a battle-hardened AppArmorer ;-)
;-)
Just figured out. Capabilities was changed around 2.6.38, so it needs now:
capability syslog,
I just created https://bugzilla.novell.com/show_bug.cgi?id=712820
I did not test, but it might also affect other syslog implementations...
Yes, the good old syslogd also requires it (at least according to the AppArmor developers). I just commited the patch to add "capability syslog" to the syslog-ng and syslogd profiles upstream and also attached it to the bugreport. However, I'd prefer if we get AppArmor 2.7 beta into Factory. It will be released very soon (John Johansen is currently preparing it).
Oh, and it's alredy there:
linux-1wrf:/etc/apparmor.d # grep "capability syslog," * sbin.klogd: capability syslog,
Yes, it was added by an openSUSE patch which I also commited upstream. That makes a total of 16 successfully upstreamed AppArmor patches (some of them in a modified/updated version) in the last two weeks :-) Regards, Christian Boltz -- :O h:, ich schmeiß mich weg. Wenn es das mit dem Quiz nicht ist, ist es dann so ein Pyramidenschema? Bekommt man eine Prämie, wenn man einen weiteren Newbie in sein Unglück lockt? [Thorsten Haude in suse-linux] -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org