Python utils lack support for signal rules
Bug #1300316 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Undecided
|
Unassigned | ||
apparmor (Ubuntu) |
Fix Released
|
Undecided
|
Tyler Hicks |
Bug Description
aa.py doesn't support signal rules and emits a traceback when encountering them.
Related branches
Changed in apparmor (Ubuntu): | |
assignee: | nobody → Tyler Hicks (tyhicks) |
Changed in apparmor: | |
milestone: | none → 2.9.0 |
To post a comment you must log in.
This bug was fixed in the package apparmor - 2.8.95~ 2430-0ubuntu5
--------------- 2430-0ubuntu5) trusty; urgency=medium
apparmor (2.8.95~
* debian/control: add versioned Breaks to apparmor for lxc, libvirt-bin, easyprof- ubuntu
lightdm and apparmor-
apparmor (2.8.95~ 2430-0ubuntu4) trusty; urgency=medium
[ John Johansen, Steve Beattie ] patches/ mediate- signals. patch, patches/ change- signal- syntax. patch: Parse signal rules with parser. See the apparmor.d(5) man page for syntax details. patches/ change- ptrace- syntax. patch, patches/ mediate- ptrace. patch: Parse ptrace rules with parser. See the apparmor.d(5) man page for syntax details. patches/ test-signal- rules.patch, patches/ test-ptrace- rules.patch, patches/ update- tests-for- new-semantics. patch: Update existing patches/ fix-garbage- in-preprocessor -output. patch: Fix bug causing parser preprocessor output to contain garbage after include patches/ fix-double- comma-in- preprocessor- output. patch: Fix bug patches/ symtab- tests-and- seenlist- bug.patch, patches/ add-profile- name-variable. patch: Add ${profile_name} patches/ fix-names- treated- as-condlistid. patch: Fix parser bug that caused mount and dbus rules to fail for sets of
* Add userspace support for AppArmor signals and ptrace mediation
(LP: #1298611)
+ debian/
debian/
apparmor_
+ debian/
debian/
apparmor_
+ debian/
debian/
debian/
tests and add new tests for signal and ptrace mediation
+ debian/
apparmor_
statements
+ debian/
causing apparmor_parser preprocessor output to contain double commas
after some rules
+ debian/
debian/
variable for use in profiles when rules need to specify the current
profile's name. This is useful for signal and ptrace rules that specify
+ debian/
apparmor_
values
[ Jamie Strandboge ] patches/ update- base-abstractio n-for-signals- and-ptrace. patch: patches/ manpage- signal- ptrace. patch: Update the apparmor.d man patches/ dnsmasq- libvirtd- signal- ptrace. patch: Update the dnsmasq patches/ update- chromium- browser. patch: Adjust the chromium-browser
* debian/
Adjust the base abstraction for signals and ptrace mediation. Profiles
that use the base abstraction can deny any of the granted permissions to
achieve tighter confinement.
* debian/
page to document signal rules, ptrace rules, and variables for use in
AppArmor profiles
* debian/
profile to allow libvirtd to send signals to and ptrace read the dnsmasq
process
* debian/
profile for permissions needed in newer chromium-browser versions and add
the rules needed for AppArmor ptrace mediation
[ Tyler Hicks ] patches/ python- utils-file- support. patch: Support path rules patches/ python- utils-signal- support. patch: Parse and write signal patches/ python- utils-ptrace- support. patch: Parse and write ptrace
* Add new rule type support to aa.py to fix tracebacks when using the Python
utilities in apparmor-utils on systems with AppArmor profiles containing
previously unsupported rule types
- debian/
containing the "file" prefix (LP: #1295346)
- debian/
rules (LP: #1300316)
- debian/
rules (LP: #1300317)...