[Bug 531512] New: Yast AppArmor - Unable to Save Changes to:- and Serious Problems with the WHOLE Collection of AppArmor Icons off YaST
http://bugzilla.novell.com/show_bug.cgi?id=531512 Summary: Yast AppArmor - Unable to Save Changes to:- and Serious Problems with the WHOLE Collection of AppArmor Icons off YaST Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Major Priority: P5 - None Component: AppArmor AssignedTo: jeffm@novell.com ReportedBy: alpha096@virginbroadband.com.au QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.0.10) Gecko/2009042700 SUSE/3.0.10-1.1.1 Firefox/3.0.10 Security Event Notification - where the severity cannot be changed from 0 and saved to any other value. Security Event Report - where it is not possible to save a different export type other than 'both' Security Event Report - where the 'Next" button closes the Window and sub service of AppArmor. Add Profile Wizard - Create a test profile name>Next> I dont know what language "lbarsov, espenbo, kover" options are written in. The help for this page, whilst comprehensive, does not discuss why this application needs an online internet connection? The Help for just about all AppArmor screen, in particular the help on "Add Profile Wizard, is informative but lacks realistic examples and its hard to read - Its a bit like reading 'BIND ' In the Add Profile Wizard is is possible to create the application 'test' and the 'browse button browses the root of the directory structure. The AppArmor 'Profile Repository setup' from the 'Add Profile Wizard' offers a Dialogue Window, with no associated help on the window and can only be switched between "create a new user" and "login as a registered user" or "Cancel" without any explanation nor clarification. If the "Cancel" button is used to close the "register or login window" it closes to a blank screen with the mid of the whole process not being completed with "Next" where upon the Add Profile Wizard closes. Reproducible: Always Steps to Reproduce: 1.its a disaster - the whole lot of all AppArmor controls in this and other bug reports that are not duped 2. 3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=531512
Scott Couston
http://bugzilla.novell.com/show_bug.cgi?id=531512
User alpha096@virginbroadband.com.au added comment
http://bugzilla.novell.com/show_bug.cgi?id=531512#c2
--- Comment #2 from Scott Couston
http://bugzilla.novell.com/show_bug.cgi?id=531512
http://bugzilla.novell.com/show_bug.cgi?id=531512#c
Katarina Machalkova
http://bugzilla.novell.com/show_bug.cgi?id=531512
http://bugzilla.novell.com/show_bug.cgi?id=531512#c
Katarina Machalkova
http://bugzilla.novell.com/show_bug.cgi?id=531512
http://bugzilla.novell.com/show_bug.cgi?id=531512#c3
Jozef Uhliarik
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c
Jozef Uhliarik
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c4
--- Comment #4 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c5
--- Comment #5 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c
Christian Boltz
https://bugzilla.novell.com/show_bug.cgi?id=531512 https://bugzilla.novell.com/show_bug.cgi?id=531512#c Bug 531512 depends on bug 531162, which changed state. Bug 531162 Summary: The Addition of YaST>Apparmour>Update Profile wizard does not hint at which type of password nor does it even function it the correct ones are inserted. http://bugzilla.novell.com/show_bug.cgi?id=531162 What |Old Value |New Value ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c7
Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c8
--- Comment #8 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c9
--- Comment #9 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c10
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c11
--- Comment #11 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c12
--- Comment #12 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c13
Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c14
Christian Boltz
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c15
--- Comment #15 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c16
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c17
--- Comment #17 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c18
Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c19
--- Comment #19 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c20
--- Comment #20 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c21
--- Comment #21 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c22
--- Comment #22 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c23
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c24
--- Comment #24 from Christian Boltz
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c25
--- Comment #25 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c26
--- Comment #26 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c27
--- Comment #27 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c28
--- Comment #28 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c29
--- Comment #29 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c30
Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c31
--- Comment #31 from Christian Boltz
Sorry Christian, Comment #27 is very much for you as well It would also be advantageous for you to view all the JPG attachments
I have viewed all the JPGs, and, big surprise, they don't look cryptic to me ;-) because I know enough about AppArmor. That doesn't make the YaST modules really good and easy to use, but explains the problem - people who know AppArmor will also understand the YaST modules (which are basically a clickable GUI for the aa-* commandline tools).
I dont believe Apparmour does anything at all -
Trust me - it does ;-)
I cannot stress the importance of viewing all JPG images titled 'complete collection of apparmour image bugs'
As I said: basically YaST makes the aa-* commandline tools clickable. For people who know AppArmor, that's perfectly fine (I prefer the commandline tools, but that's OT here). For people who don't know anything about AppArmor, the YaST dialogs are as understandable (or not) as the aa-* tools on the commandline. The easiest bugfix would be to recommend to RTFM ;-) (there's a nice chapter about AppArmor in the openSUSE security guide) but I know that users don't like to read the fine manual ;-) even if it would be a very good idea when it comes to security-relevant topics like AppArmor. That said, I agree with Jiri's proposal: name the top 3 issues that should be fixed step by step, and if possible, describe how to make them better. (And please don't read the manual before doing that - you would no longer be a "real user" ;-)) Oh, and BTW: (In reply to comment #27)
[...] this could be far easily driven and done inhouse.
Inhouse? Do you see any @suse.com or @novell.com in my mail address? ;-) I'm "only" a community member who cares about the apparmor package since some months (and about the profiles since a longer time). The reason is fairly simple: I need AppArmor on my servers. Not more, not less ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c32
Scott Couston
Scott, I think that we should change the way to tackle the AppArmor module. I don't want to question the fact that it deserves a complete rewrite, anyway, as I'm not able (time-wise) to do it and don't think anyone else wants to step in, we need a different approach.
Having a list of screens which should be changed is useful - but, to be honest, not that much if it includes almost every screen. Also, it is not easy to track the progress.
Could you, please, identify the three top issues of the module and file them as separate bugs (and assign them to me)? I don't want to pick them myself, you as someone who actually uses the module can do much better job here. Then it will be much easier to fix them one-by-one, in the order of severity for you - a real user.
Yes off course I see the value in your thoughts and will assist with 3 separate BUGs. I will change the action code here soon and link but not make dependant the 3 new bug types...Did you get a laugh at the notification example.. I think using the email field to enter Jiri@#######.overworked.com was the perfect example of a field that will accept ANY character and then do nothing about a valid entry..Which comes down to the only valid entry is to use a system mail format NOT POP3...Words fail me with this one.. I get it done mate...:-) Scott -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c33
--- Comment #33 from Christian Boltz
Christian - I never underestimate the good other members do - I cannot comment directly in this form of the different undertone that Yast has. Saying Trust me it works is about as logical as 'Trust me I'm a doctor...(giggles)
As for Yast Apparmour working --- The whole notification Module does nothing....
And that's why 12.1 will not contain the notification module ;-) (see comment #24 for the details). My statement was meant for the things that are available in 12.1, and I'm quite sure they work. And at least my statement was more correct than your "I dont believe Apparmour does anything at all" *g,d&r* BTW: It's "AppArmor", not "AppArmo_u_r" - but your version sounds lovely *SCNR* That said: Let's avoid over-general statements (like "$program is bug-free") - they'll never be 100% correct ;-) Instead, let's get the work done to make openSUSE better!
using the email field to enter Jiri@#######.overworked.com was the perfect example of a field that will ^^^^^^^^^^^^^^ Yes, that's really a perfect example ;-))
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c34
Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c35
--- Comment #35 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c36
--- Comment #36 from Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c37
--- Comment #37 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c38
--- Comment #38 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c39
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c40
Jiri Srain
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c41
--- Comment #41 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=531512
https://bugzilla.novell.com/show_bug.cgi?id=531512#c42
--- Comment #42 from Christian Boltz
I can open a new bug and detail the errors in just 1 of the 7 categories in Yast.
Thanks in advance! Please make sure to base your bugreports on openSUSE 12.1. Some YaST modules there already got some small fixes, and others were removed because the underlying code for reporting (aa-eventd) in apparmor is deprecated and doesn't understand the new audit.log format. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com