Re: [opensuse-factory] AppArmor 2.7 in factory - please test!

15 Sep 2011

      On 09/15/2011 09:25 AM, Peter Czanik wrote:
...
On 09/14/2011 11:46 PM, Christian Boltz wrote:
...
Hello,
AppArmor 2.7 (beta1) is in Factory since some hours.
Short version: please test it and report any problems you notice.
The first problem I noticed, that it does not seem to be in the default
selection any more. I did not enable capabilities support in the
syslog-ng package, as it was enforced by AppArmor anyway. But I have to
reconsider it, if AppArmor is not installed by default...
I'm doing a fresh factory installation right now and let you know any
syslog-ng related problems, if I find.
Here it is:

linux-fsru:~ # dmesg | grep syslog-ng
[    5.836280] type=1400 audit(1316065085.053:4): apparmor="STATUS"
operation="profile_load" name="/sbin/syslog-ng" pid=678
comm="apparmor_parser"
[   15.649548] type=1400 audit(1316065094.883:27): apparmor="DENIED"
operation="open" parent=1924 profile="/sbin/syslog-ng"
name="/sys/devices/system/cpu/online" pid=1925 comm="syslog-ng"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[   15.717490] type=1400 audit(1316065094.950:28): apparmor="DENIED"
operation="open" parent=1926 profile="/sbin/syslog-ng"
name="/var/run/syslog-ng/additional-log-sockets.conf" pid=1927
comm="syslog-ng" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  100.765518] type=1400 audit(1316065180.486:29): apparmor="DENIED"
operation="open" parent=7523 profile="/sbin/syslog-ng"
name="/sys/devices/system/cpu/online" pid=7526 comm="syslog-ng"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  100.780871] type=1400 audit(1316065180.502:30): apparmor="DENIED"
operation="open" parent=7529 profile="/sbin/syslog-ng"
name="/var/run/syslog-ng/additional-log-sockets.conf" pid=7530
comm="syslog-ng" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

I have never seen the "/sys/devices/system/cpu/online" message before.
The "/var/run/syslog-ng/additional-socets.conf" is something I added to
/etc/apparmor.d/sbin.syslog-ng long time ago, when introduced syslog-ng
3.X to openSUSE. It's SuSE specific, and adds additional log sockets
from chroot-s to syslog-ng.conf

Bye,
CzP
-- 
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-factory+help@opensuse.org