Missing rules in php5 abstraction
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
[impact]
This bug prevents the proper functioning of apache mod_php with
mod_apparmor.
[steps to reproduce]
1) setuo apache and mod_php, verify php scripts are working
2) stop apache2
3) install mod_apparmor
4) restart apache2
5) with fix applied, apache should not generate rejections for /tmp/.ZendSem.*
for php scripts confined by mod_apparmor
[regression potential]
The change to the php abstraction in the patch for this bug is a
slight loosening of the apparmor policy. The risk of an introduced
regression is small.
[original description]
I am using apache mod_apparmor with a wordpress blog. In my rules I have:
#include <abstractions/php5>
But this did not allow all access that was needed:
apparmor="DENIED" operation=
apparmor="DENIED" operation=
This access seems to be needed by opcache module, I found some info about it here:
https:/
Ubuntu 14.04.1
apparmor 2.8.95~
Changed in apparmor (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Medium |
For the records: this is fixed in upstream bzr (trunk and 2.9 branch) since 2014-06-24.