[Bug 914820] Re: add disabled by default apparmor profile

Launchpad Bug Tracker 914820 at bugs.launchpad.net
Wed Jan 11 16:30:12 UTC 2012 

This bug was fixed in the package rsyslog - 5.8.6-1ubuntu5

---------------
rsyslog (5.8.6-1ubuntu5) precise; urgency=low

  * Add disabled by default AppArmor profile (LP: #914820)
    - debian/rsyslog.upstart: add pre-start stanza to load profile
    - add debian/usr.sbin.rsyslogd profile
    - debian/rules: use dh_apparmor to install profile before rsyslog is
      restarted
    - debian/control: suggests apparmor (>= 2.3)
    - debian/rsyslog.install: install profile to /etc/apparmor.d
    - debian/rsyslog.dirs: install /etc/apparmor.d/force-complain,
      and /etc/apparmor.d/disable
    - debian/rsyslog.preinst: disable profile on clean install or upgrades
      from earlier than when we shipped the profile
 -- Jamie Strandboge <jamie at ubuntu.com>   Wed, 11 Jan 2012 17:10:41 +0100

** Changed in: rsyslog (Ubuntu Precise)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/914820

Title:
  add disabled by default apparmor profile

Status in “rsyslog” package in Ubuntu:
  Fix Released
Status in “rsyslog” source package in Precise:
  Fix Released

Bug description:
  Rsyslog is a daemon installed on all Ubuntu systems and processes
  unfiltered input. While it has a solid design, it would be nice if we
  could provide an AppArmor profile for it that people can opt into. The
  profile can be enabled in the normal way 'sudo aa-enforce
  /etc/apparmor.d/usr.sbin.rsyslogd' and is expected to work in the
  default installation.

  While it would be very desirable to turn this on by default in the
  future, I don't think we should for 12.04 since getting the profile
  wrong would result in no logging outout. Also, rsyslog is difficult to
  maintain because it is highly configurable, however the default
  profile should cover many use cases when writing files in /var/log.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/914820/+subscriptions

More information about the foundations-bugs mailing list