
touch-packages team mailing list archive

[Bug 1377338] Re: apparmor may fail to load some profiles if one is corrupted


Upon further investigation, python3-apparmor-click and python3-apparmor-
easyprof both use shutil.move() to put a temp file into place.
shutil.move() will use os.rename() if the files reside on the same filesystem,
but will use shutil.copy2() followed by an unlink otherwise. Since the
tempfile.mkstemp() in both cases does not specify to use a different
temp directory (i.e., dir=None), these files will be created in /tmp,
which is a tmpfs on devices (verified on mako), therefore the
shutil.move() is not atomic. This confirms that utilizing a blocking
lock file will prevent at least some forms of races and corruption. We
could adjust the mkstemp() call to use the same filesystem; however,
that would result in unexpected behavior when two aa-clickhooks are run
at the same time (i.e., both would think they did everything correctly but
each could have missed something).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1377338

Title:
  apparmor may fail to load some profiles if one is corrupted

Status in “apparmor” package in Ubuntu:
  Triaged
Status in “click-apparmor” package in Ubuntu:
  In Progress
Status in “click-apparmor” package in Ubuntu RTM:
  In Progress

Bug description:
  Steps to reproduce (on the emulator):
  1. sudo sh -c 'echo foo > /var/lib/apparmor/profiles/click_com.ubuntu.music_music_1.3.638'
  2. sudo start apparmor ACTION=teardown
  3. sudo start apparmor
  start: Job failed to start
  4. sudo aa-status|egrep '^ '|grep -v '('| sort -u > /tmp/aa-status.music_bad
  5. sudo rm -f /var/lib/apparmor/profiles/click_com.ubuntu.music_music_1.3.638
  6. sudo aa-clickhook # regenerates the missing profile to have a good one
  7. sudo start apparmor ACTION=teardown
  8. sudo start apparmor
  9. sudo aa-status|egrep '^ '|grep -v '('| sort -u > /tmp/aa-status.music_good
  10. diff -Naur /tmp/aa-status.music_bad /tmp/aa-status.music_good
  --- /tmp/aa-status.music_bad	2014-10-03 22:47:52.890906744 +0000
  +++ /tmp/aa-status.music_good	2014-10-03 22:49:54.372739381 +0000
  @@ -13,6 +13,10 @@
      com.ubuntu.developer.webapps.webapp-twitter_webapp-twitter_1.0.18//oxide_helper
      com.ubuntu.developer.webapps.webapp-twitter_webapp-twitter-helper_1.0.18
      com.ubuntu.dropping-letters_dropping-letters_0.1.2.2.66
  +   com.ubuntu.music_music_1.3.638
  +   com.ubuntu.shorts_shorts_0.2.330
  +   com.ubuntu.sudoku_sudoku_1.1.292
  +   com.ubuntu.weather_weather_1.1.374
      lxc-container-default
      lxc-container-default-with-mounting
      lxc-container-default-with-nesting

  Expected results: only com.ubuntu.music_music_1.3.638 should be
  missing.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1377338/+subscriptions
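The comment above describes two separate hazards: shutil.move() silently degrading to copy2()+unlink() when the mkstemp() temp file lives on a different filesystem (tmpfs /tmp) than the profile directory, and two aa-clickhook runs racing each other. The following is an added illustration, not code from click-apparmor, showing the non-atomic pattern as described beside a hardened version that creates the temp file in the destination directory (so os.replace() is a same-filesystem rename) and serialises writers with a blocking flock() on a lock file; the function names and the ".lock" path convention are assumptions.

```python
import fcntl
import os
import shutil
import tempfile


def nonatomic_replace(dest, data):
    """Pattern described in the comment: mkstemp() with dir=None lands in
    /tmp, and shutil.move() then copies + unlinks when /tmp is a different
    filesystem from dest, leaving a window where dest is partially written.
    Kept only for comparison; do not use for files other processes read."""
    fd, tmp = tempfile.mkstemp()  # dir=None -> default temp dir (/tmp)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    shutil.move(tmp, dest)  # rename if same fs, else copy2() + unlink()


def same_filesystem(a, b):
    """True when both paths are on the same device (rename can be atomic)."""
    return os.stat(a).st_dev == os.stat(b).st_dev


def atomic_replace(dest, data, lock_path=None):
    """Write data to dest atomically and under a blocking lock.

    The temp file is created next to dest so os.replace() is a rename on
    the same filesystem; readers see either the old or the new complete
    file. flock(LOCK_EX) blocks a second writer until the first finishes,
    so concurrent runs cannot interleave their partial results."""
    dest = os.path.abspath(dest)
    dest_dir = os.path.dirname(dest)
    lock_path = lock_path or dest + ".lock"  # assumed convention
    with open(lock_path, "w") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX)  # blocks until the lock is free
        fd, tmp = tempfile.mkstemp(dir=dest_dir, prefix=".tmp-")
        try:
            with os.fdopen(fd, "w") as f:
                f.write(data)
                f.flush()
                os.fsync(f.fileno())  # data on disk before the rename
            os.replace(tmp, dest)  # atomic on a single filesystem
        except BaseException:
            if os.path.exists(tmp):  # never leave a half-written temp file
                os.unlink(tmp)
            raise
        finally:
            fcntl.flock(lock, fcntl.LOCK_UN)
    return dest
```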
