aa-logprof fails with unknown mode "reweive"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Undecided
|
Christian Boltz | ||
2.10 |
Fix Released
|
Undecided
|
Christian Boltz | ||
apparmor (Ubuntu) |
Fix Released
|
Medium
|
Tyler Hicks | ||
Xenial |
Fix Released
|
Medium
|
Tyler Hicks |
Bug Description
[Impact]
AppArmor policy developers cannot use aa-logprof without it exiting with a traceback on certain denial messages.
[Test Case]
$ echo 'Apr 30 21:53:05 nova kernel: [24668.960760] audit: \
type=1400 audit(146204598
operation=
laddr=:
family="inet6" sock_type="stream" ^Cotocol=6 requested_
denied_
$ mkdir -p /tmp/profiles && printf "profile foo {\n}" > /tmp/profiles/foo
$ aa-logprof -f /tmp/log -d /tmp/profiles
Expected output of the last command is:
Reading log entries from /tmp/log.
Updating AppArmor profiles in /tmp/profiles.
[Regression Potential]
There is little potential for regression. This "hotfix" could result in some slight confusion because the problematic denial messages will simply be ignored but it allows aa-logprof to do its intended job without unexpectedly exiting.
[Original Report]
Ubuntu 16.04.
Profiling apache tomcat.
1) aa-genprof on the catalina.sh script that is used to start and stop tomcat.
2) Start and stop tomcat.
3) Scan and save the profile.
4) aa-complain on the tomcat profile
5) Start tomcat again and this time also send a http request to tomcat.
6) Run aa-logprof which fails with this message
Reading log entries from /var/log/syslog.
Updating AppArmor profiles in /etc/apparmor.d.
Traceback (most recent call last):
File "/usr/lib/
self.
File "/usr/lib/
e = self.parse_
File "/usr/lib/
raise AppArmorExcepti
apparmor.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/sbin/
apparmor.
File "/usr/lib/
log = log_reader.
File "/usr/lib/
raise AppArmorBug(ex_msg) # py3-only: from None
apparmor.
This error was caused by the log line:
Apr 30 21:53:05 nova kernel: [24668.960760] audit: type=1400 audit(146204598
An unexpected error occoured!
For details, see /tmp/apparmor-
Please consider reporting a bug at https:/
and attach this file.
tags: | added: aa-tools |
Changed in apparmor: | |
status: | New → Confirmed |
Changed in apparmor (Ubuntu Xenial): | |
status: | Confirmed → In Progress |
Changed in apparmor (Ubuntu): | |
importance: | Undecided → Medium |
Changed in apparmor (Ubuntu Xenial): | |
importance: | Undecided → Medium |
assignee: | nobody → Tyler Hicks (tyhicks) |
Changed in apparmor (Ubuntu): | |
assignee: | nobody → Tyler Hicks (tyhicks) |
description: | updated |
no longer affects: | linuxmint |
Changed in apparmor: | |
assignee: | nobody → Christian Boltz (cboltz) |
Changed in apparmor: | |
status: | Fix Committed → Fix Released |
Status changed to 'Confirmed' because the bug affects multiple users.