AppArmor: Allow access to mount related files (!1) · Merge requests · pkg / prestwood · GitLab

Snippets Groups Projects

Merged Frederic Danis requested to merge wip/fdanis/6233 into apertis/v2021dev1 5 years ago

apparmor-session-lockdown-no-deny test returns the following events:

$ sudo journalctl -b -t audit -o cat | aa_log_extract_tokens.sh DENIED
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/proc/905/mountinfo
requested_mask:r
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/etc/fstab
requested_mask:r
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/proc/905/mountinfo
requested_mask:r
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/proc/905/mounts
requested_mask:r

Signed-off-by: Frédéric Danis frederic.danis@collabora.com

Edited 5 years ago by Frederic Danis

Activity

Frederic Danis changed target branch from apertis/v2021dev0 to apertis/v2021dev1 5 years ago

changed target branch from apertis/v2021dev0 to apertis/v2021dev1
Denis Pynkin @d4s · 5 years ago

Owner

@fdanis can you please add more into commit description? Why it need additional access or what issue it fixes
Frederic Danis added 2 commits 5 years ago
added 2 commits

0e1d9c67 - AppArmor: Allow access to mount related files

4e4b1daf - Release prestwood version 0.1706.0-0co3

Compare with previous version
Frederic Danis changed the description 5 years ago

changed the description
Denis Pynkin merged 5 years ago

merged

Please register or sign in to reply

Apertis Website Terms of Use Privacy Policy