
touch-packages team mailing list archive

[Bug 970647] Re: Denials due to "deleted" are not being logged

 

** Tags added: aa-feature

** Changed in: apparmor (Ubuntu)
       Status: New => Confirmed

** Changed in: linux
       Status: New => Confirmed

** Changed in: apparmor
       Status: New => Confirmed

** Changed in: apparmor
   Importance: Undecided => Low

** Changed in: apparmor (Ubuntu)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/970647

Title:
  Denials due to "deleted" are not being logged

Status in AppArmor Linux application security framework:
  Confirmed
Status in The Linux Kernel:
  Confirmed
Status in “apparmor” package in Ubuntu:
  Confirmed

Bug description:
  When apparmor is enforcing a profile the default mode is to handle deleted files through file labeling and delegation.  However there are currently cases when this is not sufficient and will result in an access denial that should have an info field of
    info="Failed name lookup - deleted entry"

  However these log messages are not being generated, and apparmor is
  rejecting accesses based on deleted entries being mediated.  See Bug
  #969299 as one case where this is happening.
