Mailinglist Archive: opensuse-factory (1264 mails)
| < Previous | Next > |
Re: [opensuse-factory] AppArmor 2.7 in factory - please test!
- From: Peter Czanik <pczanik@xxxxxxxxxxxxxx>
- Date: Thu, 15 Sep 2011 10:15:48 +0200
- Message-id: <4E71B434.2060409@fang.fa.gau.hu>
On 09/15/2011 09:25 AM, Peter Czanik wrote:
linux-fsru:~ # dmesg | grep syslog-ng
[ 5.836280] type=1400 audit(1316065085.053:4): apparmor="STATUS"
operation="profile_load" name="/sbin/syslog-ng" pid=678
comm="apparmor_parser"
[ 15.649548] type=1400 audit(1316065094.883:27): apparmor="DENIED"
operation="open" parent=1924 profile="/sbin/syslog-ng"
name="/sys/devices/system/cpu/online" pid=1925 comm="syslog-ng"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 15.717490] type=1400 audit(1316065094.950:28): apparmor="DENIED"
operation="open" parent=1926 profile="/sbin/syslog-ng"
name="/var/run/syslog-ng/additional-log-sockets.conf" pid=1927
comm="syslog-ng" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 100.765518] type=1400 audit(1316065180.486:29): apparmor="DENIED"
operation="open" parent=7523 profile="/sbin/syslog-ng"
name="/sys/devices/system/cpu/online" pid=7526 comm="syslog-ng"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 100.780871] type=1400 audit(1316065180.502:30): apparmor="DENIED"
operation="open" parent=7529 profile="/sbin/syslog-ng"
name="/var/run/syslog-ng/additional-log-sockets.conf" pid=7530
comm="syslog-ng" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
I have never seen the "/sys/devices/system/cpu/online" message before.
The "/var/run/syslog-ng/additional-socets.conf" is something I added to
/etc/apparmor.d/sbin.syslog-ng long time ago, when introduced syslog-ng
3.X to openSUSE. It's SuSE specific, and adds additional log sockets
from chroot-s to syslog-ng.conf
Bye,
CzP
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
On 09/14/2011 11:46 PM, Christian Boltz wrote:Here it is:
Hello,The first problem I noticed, that it does not seem to be in the default
AppArmor 2.7 (beta1) is in Factory since some hours.
Short version: please test it and report any problems you notice.
selection any more. I did not enable capabilities support in the
syslog-ng package, as it was enforced by AppArmor anyway. But I have to
reconsider it, if AppArmor is not installed by default...
I'm doing a fresh factory installation right now and let you know any
syslog-ng related problems, if I find.
linux-fsru:~ # dmesg | grep syslog-ng
[ 5.836280] type=1400 audit(1316065085.053:4): apparmor="STATUS"
operation="profile_load" name="/sbin/syslog-ng" pid=678
comm="apparmor_parser"
[ 15.649548] type=1400 audit(1316065094.883:27): apparmor="DENIED"
operation="open" parent=1924 profile="/sbin/syslog-ng"
name="/sys/devices/system/cpu/online" pid=1925 comm="syslog-ng"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 15.717490] type=1400 audit(1316065094.950:28): apparmor="DENIED"
operation="open" parent=1926 profile="/sbin/syslog-ng"
name="/var/run/syslog-ng/additional-log-sockets.conf" pid=1927
comm="syslog-ng" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 100.765518] type=1400 audit(1316065180.486:29): apparmor="DENIED"
operation="open" parent=7523 profile="/sbin/syslog-ng"
name="/sys/devices/system/cpu/online" pid=7526 comm="syslog-ng"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 100.780871] type=1400 audit(1316065180.502:30): apparmor="DENIED"
operation="open" parent=7529 profile="/sbin/syslog-ng"
name="/var/run/syslog-ng/additional-log-sockets.conf" pid=7530
comm="syslog-ng" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
I have never seen the "/sys/devices/system/cpu/online" message before.
The "/var/run/syslog-ng/additional-socets.conf" is something I added to
/etc/apparmor.d/sbin.syslog-ng long time ago, when introduced syslog-ng
3.X to openSUSE. It's SuSE specific, and adds additional log sockets
from chroot-s to syslog-ng.conf
Bye,
CzP
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |