← Back to team overview

touch-packages team mailing list archive

[Bug 970647] Re: Denials due to "deleted" are not being logged

 

** Also affects: linux (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu)
       Status: New => Confirmed

** Changed in: linux (Ubuntu)
   Importance: Undecided => Low

** Changed in: apparmor (Ubuntu)
     Assignee: John Johansen (jjohansen) => (unassigned)

** Changed in: apparmor
     Assignee: John Johansen (jjohansen) => (unassigned)

** Tags added: aa-kernel

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/970647

Title:
  Denials due to "deleted" are not being logged

Status in AppArmor Linux application security framework:
  Confirmed
Status in The Linux Kernel:
  Confirmed
Status in “apparmor” package in Ubuntu:
  Confirmed
Status in “linux” package in Ubuntu:
  Confirmed

Bug description:
  When apparmor is enforcing a profile the default mode is to handle deleted files through file labeling and delegation.  However there are currently cases when this is not sufficient and will result in an access denial that should have an an info field of
    info="Failed name lookup - deleted entry"

  However these log messages are not being generated, and apparmor is
  rejecting accesses based on deleted entries being mediated.  See Bug
  #969299 as one case where this is happening.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/970647/+subscriptions