This bug was fixed in the package apparmor - 2.7.102-0ubuntu3 --------------- apparmor (2.7.102-0ubuntu3) precise; urgency=low
[ Jamie Strandboge ] * debian/patches/0007-ubuntu-manpage-updates.patch: update apparmor(5) to describe Ubuntu's two-stage policy load and how to add utilize it when developing policy (LP: #974089) [ Serge Hallyn ] * debian/apparmor.init: do nothing in a container. This can be removed once stacked profiles are supported and used by lxc. (LP: #978297) [ Steve Beattie ] * debian/patches/0008-apparmor-lp963756.patch: Fix permission mapping for change_profile onexec (LP: #963756) * debian/patches/0009-apparmor-lp959560-part1.patch, debian/patches/0010-apparmor-lp959560-part2.patch: Update the parser to support the 'in' keyword for value lists, and make mount operations aware of 'in' keyword so they can affect the flags build list (LP: #959560) * debian/patches/0011-apparmor-lp872446.patch: fix logprof missing exec events in complain mode (LP: #872446) * debian/patches/0012-apparmor-lp978584.patch: allow inet6 access in dovecot imap-login profile (LP: #978584) * debian/patches/0013-apparmor-lp800826.patch: fix libapparmor log parsing library from dropping apparmor network events that contain ip addresses or ports in them (LP: #800826) * debian/patches/0014-apparmor-lp979095.patch: document new mount rule syntax and usage in apparmor.d(5) manpage (LP: #979095) * debian/patches/0015-apparmor-lp963756.patch: Fix change_onexec for profiles without attachment specification (LP: #963756, LP: #978038) * debian/patches/0016-apparmor-lp968956.patch: Fix protocol error when loading policy to kernels without compat patches (LP: #968956) * debian/patches/0017-apparmor-lp979135.patch: Fix change_profile to grant access to /proc/attr api (LP: #979135) -- Steve Beattie <sbeat...@ubuntu.com> Thu, 12 Apr 2012 06:17:42 -0500 ** Changed in: apparmor (Ubuntu Precise) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of AppArmor Developers, which is the registrant for AppArmor. https://bugs.launchpad.net/bugs/800826 Title: aa-notify doesn't display certain apparmor events Status in AppArmor Linux application security framework: Fix Released Status in “apparmor” package in Ubuntu: Fix Released Status in “apparmor” source package in Precise: Fix Released Bug description: This works properly: [153157.745909] type=1400 audit(1308767024.828:3705): apparmor="DENIED" operation="open" parent=24000 profile="/usr/lib/firefox-5.0/firefox{,*[^s][^h]}" name="/opt/server/photos/100_0243.JPG" pid=24791 comm="plugin-containe" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 This doesn't get displayed at all: [153073.826757] type=1400 audit(1308766940.698:3704): apparmor="DENIED" operation="sendmsg" parent=24737 profile="/usr/bin/evince-thumbnailer" pid=24743 comm="evince-thumbnai" laddr=192.168.66.150 lport=765 faddr=192.168.66.200 fport=2049 family="inet" sock_type="stream" protocol=6 ProblemType: Bug DistroRelease: Ubuntu 11.04 Package: apparmor-notify 2.6.1-0ubuntu3 ProcVersionSignature: Ubuntu 2.6.38-10.44-generic 2.6.38.7 Uname: Linux 2.6.38-10-generic x86_64 Architecture: amd64 Date: Wed Jun 22 14:30:37 2011 InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha amd64 (20110302) PackageArchitecture: all ProcEnviron: LANGUAGE=en_CA:en PATH=(custom, user) LANG=en_CA.UTF-8 SHELL=/bin/bash ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-2.6.38-10-generic root=UUID=66b32bb3-1e18-436e-8f6e-62b8419ed48d ro quiet splash vt.handoff=7 ProcVersionSignature_: Ubuntu 2.6.38-10.44-generic 2.6.38.7 SourcePackage: apparmor UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/800826/+subscriptions -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor