AppArmor: Allow access to mount related files (!1) · Merge requests · pkg / prestwood

Frederic Danis requested to merge wip/fdanis/6233 into apertis/v2021dev1 Dec 18, 2019

apparmor-session-lockdown-no-deny test returns the following events:

$ sudo journalctl -b -t audit -o cat | aa_log_extract_tokens.sh DENIED
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/proc/905/mountinfo
requested_mask:r
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/etc/fstab
requested_mask:r
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/proc/905/mountinfo
requested_mask:r
====
profile:/usr/bin/prestwood
apparmor:DENIED
denied_mask:r
operation:open
name:/proc/905/mounts
requested_mask:r

Signed-off-by: Frédéric Danis frederic.danis@collabora.com

Edited Dec 20, 2019 by Frederic Danis

Admin message

AppArmor: Allow access to mount related files

Merge request reports