touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #25828
[Bug 1169568] Re: aa-unconfined does not always display unconfined processes with dual-stack
** Also affects: apparmor
Importance: Undecided
Status: New
** Changed in: apparmor
Importance: Undecided => Low
** Changed in: apparmor
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1169568
Title:
aa-unconfined does not always display unconfined processes with dual-
stack
Status in AppArmor Linux application security framework:
Triaged
Status in “apparmor” package in Ubuntu:
Triaged
Bug description:
In performing install audits for 13.04, I noticed that aa-unconfined
did not list apache. Apache by default listens on both IPv4 and IPv6
in Ubuntu 13.04, but only lists in netstat tcp6. Eg:
$ sudo netstat -atuvpn|grep apache
tcp6 0 0 :::80 :::* LISTEN 1746/apache2
$ w3m -dump http://192.168.122.242
It works!
...
$ sudo aa-status | grep apache
$ sudo aa-unconfined | grep apache
It works fine with ipv6 disabled:
$ sudo netstat -atuvpn|grep apache
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2389/apache2
$ sudo aa-unconfined | grep apache
2389 /usr/lib/apache2/mpm-prefork/apache2 (/usr/sbin/apache2) not confined
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1169568/+subscriptions