touch-packages team mailing list archive

[Tyler Hicks <tyhicks@xxxxxxxxxxxxx>]

I'm unable to reproduce this (allowed) denial. I pulled down the exact
profile linked to in the bug description and then went through these
steps:

$ sudo apparmor_parser -r /tmp/wpa_supplicant.profile
$ sudo systemctl restart wpa_supplicant.service
$ sudo d-feet # to get a valid path
$ sudo dbus-send --system --type=method_call --print-reply --dest=fi.w1.wpa_supplicant1 /fi/w1/wpa_supplicant1/Interfaces/1/BSSs/0 org.freedesktop.DBus.Properties.GetAll string:"fi.w1.wpa_supplicant1.BSS"

The properties are displayed and there is no (allowed) denial is the
syslog.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1511791

Title:
  dbus rule regression with wpa supplicant profile

Status in apparmor package in Ubuntu:
  New

Bug description:
  I'm running wpa-supplicant with the following profile in complain
  mode:

   http://paste.ubuntu.com/13011146/

  After upgrading from vivid to wiley I get lots of notifications like
  this in syslog:

  [256841.262100] audit: type=1107 audit(1446223151.195:18142): pid=822
  uid=103 auid=4294967295 ses=4294967295 msg='apparmor="ALLOWED"
  operation="dbus_method_call"  bus="system"
  path="/fi/w1/wpa_supplicant1/Interfaces/19/BSSs/3103"
  interface="org.freedesktop.DBus.Properties" member="GetAll"
  name=":1.259" mask="receive" pid=1287 label="/sbin/wpa_supplicant"
  peer_pid=10013 peer_label="unconfined" exe="/usr/bin/dbus-daemon"
  sauid=103 hostname=? addr=? terminal=?'

  However, AFAICS, this should (and was in vivid) match lines 32-34 of
  the profile and shouldn't cause a log entry.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1511791/+subscriptions