[apparmor] [patch] Raise AppArmorBug on unknown request_mask in logparser.py
Seth Arnold
seth.arnold at canonical.com
Sat Dec 12 00:16:29 UTC 2015
On Fri, Dec 11, 2015 at 11:57:07PM +0100, Christian Boltz wrote:
> An alternative solution would be a try/except game some levels /
> function calls upwards so that the exception can print the original log
> line causing the problem. That would probably need to happen in
> read_log(), when calling self.add_event_to_tree().
>
> How do you like this one?
>
> # aa-logprof -f <(echo 'Dec 11 10:24:07 gw-dc01 kernel: [2214272.912766] type=1400 audit(1449822247.549:21251): apparmor="ALLOWED" operation="file_inherit" profile="/usr/sbin/smbd" name="/foo/bar" pid=7112 comm="nsupdate" requested_mask="foo" denied_mask="foo" fsuid=0 ouid=0')
> Reading log entries from /dev/fd/63.
> Updating AppArmor profiles in /etc/apparmor.d.
>
> ERROR: Log contains unknown mode foo
>
> This error was caused by the log line:
> Dec 11 10:24:07 gw-dc01 kernel: [2214272.912766] type=1400 audit(1449822247.549:21251): apparmor="ALLOWED" operation="file_inherit" profile="/usr/sbin/smbd" name="/foo/bar" pid=7112 comm="nsupdate" requested_mask="foo" denied_mask="foo" fsuid=0 ouid=0
>
>
> The only disadvantage is that it doesn't include the bugreport hint that
> comes with AppArmorBug ;-)
I like including the line. That gives someone something tangible to work
with. Could it raise AppArmorBug instead of AppArmorException to retain
the nice file-a-bug behaviour?
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20151211/37dad2b8/attachment.pgp>
More information about the AppArmor
mailing list