[Bug 720617] New: Missing files in apparmor packages
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c0 Summary: Missing files in apparmor packages Classification: openSUSE Product: openSUSE 12.1 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: AppArmor AssignedTo: jeffm@suse.com ReportedBy: jsrain@suse.com QAContact: qa@suse.de Found By: Development Blocker: --- There are following files missing in the apparmor packages in Factory even though they are included in the sources: aa-eventd (while related init scripts are included) Reports.pm (YaST depends on this one quite a lot) The earlier requires perl-File-Tail, which is not reflected by the packages either. I spot these issues with 2.7.beta2-104.3 from Factory while trying to get the YaST AppArmor modules work. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c1 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |jsrain@suse.com AssignedTo|jeffm@suse.com |suse-beta@cboltz.de --- Comment #1 from Christian Boltz <suse-beta@cboltz.de> 2011-09-27 21:50:44 CEST --- Good to know someone cares about apparmor and the apparmor yast modules ;-) (if you care enough, feel free to take bug 531512 *eg*) Seriously: Reports.pm and aa-eventd are deprecated upstream (that's why I didn't package them), and seem to be broken as in "they won't see most log messages". Therefore it doesn't really make sense to re-add it IMHO. Some sniplets from discussing this with the upstream developers: [19:55] <sbeattie> yeah, aa-eventd hasn't had any attention in at least 4 years, and is thus considered deprecated by jjohansen and I. [21:10] <jjohansen> cboltz: iirc it sort of works but will miss several/most log entires. [21:11] <jjohansen> the YaST module only requires it because it has a button to turn it on and configure it, so I would say the way to go is disable it [21:11] <jjohansen> at the YaST module [21:13] <jjohansen> in fact I think aa-notify could replace aa-eventd (just not this release) [21:15] <cboltz> another question: can I expect Reports.pm to work? [21:16] <jjohansen> cboltz: hrmm I think it has all the same problems as aa-eventd [21:16] <jjohansen> The big problem was, when these where developed, they where somewhat siloed and the developer did copy and paste coding :/ [21:18] <jjohansen> cboltz: we are slowly trying to put together an api to make things like the YaST module easier [21:19] <jjohansen> at some point it will need to be rewritten, /me plans to have a gui genprof/logprof that YaST would launch I can re-add Reports.pm and aa-eventd to the package if you really want, but I'm afraid that this won't magically solve all problems ;-) The better solution is probably to fix it on the YaST side - even if this means that you just disable the features related to aa-eventd and Reports.pm for now. What's your opinion on this? (If you agree to disable/fix it on the YaST side, I'll of course remove the aa-eventd initscript from the package.) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c2 Jiri Srain <jsrain@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|jsrain@suse.com | --- Comment #2 from Jiri Srain <jsrain@suse.com> 2011-09-29 06:59:29 UTC --- Regarding aa-eventd: If you decided to remove the daemon itself, I suggest you should also remove its init script. Either add the daemon, or remove its init script. I can adjust YaST to check if the init script exists and and behave according to it (actually, YaST can check for eventd as well as notifyd, which will enable it out of the box. Reports.pm is more difficult - YaST depends on it quite heavily, therefore I would prefer it being added until there is a replacement. I plan to look at the other bugs as well - but as John mentioned a possibility to get a new API soon, I don't think that we should invest any heavily - actually, I tried to make it at least somehow work as part of the SUSE HackWeek :-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c3 --- Comment #3 from Jiri Srain <jsrain@suse.com> 2011-09-29 08:25:21 UTC --- Checked aaeventd - the code handles possibly non-existing init script correctly - the only issue is that the init script is broken (refers to non-existing daemon), therefore either remove it or add the daemon. If you decide to remove it, please, tell me which parts of the YaST module are void. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c4 --- Comment #4 from Christian Boltz <suse-beta@cboltz.de> 2011-09-29 23:20:55 CEST --- (In reply to comment #2)
Regarding aa-eventd: If you decided to remove the daemon itself, I suggest you should also remove its init script. Either add the daemon, or remove its init script.
Valid point, but I have a good excuse: it's an upstream bug ;-) - they removed aa-eventd from make install, but forgot to remove the initscript.
Reports.pm is more difficult - YaST depends on it quite heavily, therefore I would prefer it being added until there is a replacement.
The problem is that it will be quite useless without aa-eventd. Basically aa-eventd writes messages from the audit.log into a database (well, it would if it would understand the new audit.log format) and Reports.pm does some queries on that database. In other words: without aa-eventd, you/Reports.pm will only see an empty database and therefore get an empty report. Reports.pm will most probably "just work" as soon as the database exists and is filled, however you won't get a guarantee for that because it wasn't maintained for years. I discussed this with John - completely rewriting aa-eventd (or merge its features into aa-notify) would be much easier than fixing aa-eventd. Please don't run away screaming - this sounds harder than it is. Most of the features aa-eventd ha{d,s} are already in aa-notify. The only missing things are: 1. create the database 2. write the notifications into the database (needed for Reports.pm) 3. query the database and send out mails every $interval (aa-notify can already write a similar report to the console, but without using a database and only for "all events", not for "events for /usr/bin/foo". This can be solved in two ways: a) add the missing parts to aa-notify or b) move some subs with shared code from aa-notify to a perl module and write a small new aa-eventd script that only contains non-shared code I'd prefer method b), but I'll leave the decision to the person who implements it. And that's where you can join the game: Are you interested to implement this? It would be more fun than disabling half of the YaST modules ;-) I'll send you the IRC log from #apparmor (on irc.oftc.net, not freenode) with more details of what I summarized above. Feel free to ask on IRC if you have questions and/or ask on the apparmor mailinglist.
actually, I tried to make it at least somehow work as part of the SUSE HackWeek :-)
That's a very good choice for your hackweek project :-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c5 --- Comment #5 from Jiri Srain <jsrain@suse.com> 2011-09-30 10:52:58 UTC --- (In reply to comment #4)
(In reply to comment #2)
Regarding aa-eventd: If you decided to remove the daemon itself, I suggest you should also remove its init script. Either add the daemon, or remove its init script.
Valid point, but I have a good excuse: it's an upstream bug ;-) - they removed aa-eventd from make install, but forgot to remove the initscript.
Then I believe that you have forwarded this bugreport to upstream :-)
Reports.pm is more difficult - YaST depends on it quite heavily, therefore I would prefer it being added until there is a replacement.
The problem is that it will be quite useless without aa-eventd.
I reviewed the code, disabling the Reporting module was easier than I hoped. I will reenable it once new daemon and interface are in place.
actually, I tried to make it at least somehow work as part of the SUSE HackWeek :-)
That's a very good choice for your hackweek project :-)
I call it masochism ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c6 --- Comment #6 from Christian Boltz <suse-beta@cboltz.de> 2011-10-07 00:28:39 CEST --- (In reply to comment #5)
(In reply to comment #4)
Valid point, but I have a good excuse: it's an upstream bug ;-) - they removed aa-eventd from make install, but forgot to remove the initscript.
Then I believe that you have forwarded this bugreport to upstream :-)
I even commited the patch myself ;-) and will close this bugreport after commiting the fixed package.
I reviewed the code, disabling the Reporting module was easier than I hoped.
That's bad news for me - I had some hope that you'll fix the reporting ;-))
actually, I tried to make it at least somehow work as part of the SUSE HackWeek :-)
That's a very good choice for your hackweek project :-)
I call it masochism ;-)
Sounds like interesting[tm] code... BTW, there's another small thing: the Immunix::Subdomain was renamed to Immunix::AppArmor. Currently I'm including a patch that re-creates Immunix::SubDomain (and hands over everything to Immunix::AppArmor, so you always get the latest version even with the old name). I'll keep the SubDomain module for 12.1, but it would be nice if you can replace usage of Immunix::SubDomain with Immunix::AppArmor so that I don't have to keep the patch forever ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c7 --- Comment #7 from Jiri Srain <jsrain@suse.com> 2011-10-07 06:37:47 UTC --- (In reply to comment #6)
(In reply to comment #5)
I reviewed the code, disabling the Reporting module was easier than I hoped.
That's bad news for me - I had some hope that you'll fix the reporting ;-))
It cannot work withou Reports.pm in the AppArmor package. I will (if time permits) re-enable it when AppArmor provides a stable API that I can rely on.
BTW, there's another small thing: the Immunix::Subdomain was renamed to Immunix::AppArmor. Currently I'm including a patch that re-creates Immunix::SubDomain (and hands over everything to Immunix::AppArmor, so you always get the latest version even with the old name).
It's not necessary, YaST (in 12.1) does not rely on Immunix::Subdomain and was completly migrated to Immunix::AppArmor. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c8 --- Comment #8 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-10-10 02:00:17 CEST --- This is an autogenerated message for OBS integration: This bug (720617) was mentioned in https://build.opensuse.org/request/show/87208 Factory / apparmor -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c9 --- Comment #9 from Christian Boltz <suse-beta@cboltz.de> 2011-10-10 12:23:22 CEST --- (In reply to comment #7)
(In reply to comment #6)
(In reply to comment #5)
I reviewed the code, disabling the Reporting module was easier than I hoped.
That's bad news for me - I had some hope that you'll fix the reporting ;-))
It cannot work withou Reports.pm in the AppArmor package. I will (if time permits) re-enable it when AppArmor provides a stable API that I can rely on.
Well, I had hoped that fixing Reports.pm is easier for you than disabling it in YaST ;-)
BTW, there's another small thing: the Immunix::Subdomain was renamed to Immunix::AppArmor. Currently I'm including a patch that re-creates Immunix::SubDomain (and hands over everything to Immunix::AppArmor, so you always get the latest version even with the old name).
It's not necessary, YaST (in 12.1) does not rely on Immunix::Subdomain and was completly migrated to Immunix::AppArmor.
OK, good to know. I'll keep it for 12.1 just to be sure and will remove it after the 12.1 release. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c10 --- Comment #10 from Jiri Srain <jsrain@suse.com> 2011-10-14 11:49:38 UTC --- (In reply to comment #9)
Well, I had hoped that fixing Reports.pm is easier for you than disabling it in YaST ;-)
As you wrote, it would be useless without the aa-eventd. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c11 Ismail Donmez <idonmez@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |idonmez@suse.com --- Comment #11 from Ismail Donmez <idonmez@suse.com> 2011-10-19 11:14:17 UTC --- I guess this bug is fixed. If so, please close it as fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c12 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #12 from Christian Boltz <suse-beta@cboltz.de> 2011-10-19 13:53:52 CEST --- (In reply to comment #10)
(In reply to comment #9)
Well, I had hoped that fixing Reports.pm is easier for you than disabling it in YaST ;-)
As you wrote, it would be useless without the aa-eventd.
OK, I should have said "I had hoped that fixing Reports.pm _and aa-eventd_ is easier for you than disabling it in YaST ;-)" ;-) (In reply to comment #11)
I guess this bug is fixed. If so, please close it as fixed.
Yes, it is fixed. The only remaining part is dropping the patch that creates the Immunix::SubDomain perl compatibility module after 12.1 was released. I have a TODO note for it in the spec - no need to keep this bug open. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720617 https://bugzilla.novell.com/show_bug.cgi?id=720617#c13 --- Comment #13 from Bernhard Wiedemann <bwiedemann@suse.com> 2012-05-09 01:00:09 CEST --- This is an autogenerated message for OBS integration: This bug (720617) was mentioned in https://build.opensuse.org/request/show/116788 Factory / apparmor -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com