[Kernel-packages] [Bug 1839037] [NEW] Stacked onexec transitions fail when under NO NEW PRIVS restrictions

Mon, 05 Aug 2019 16:11:01 -0700 

Public bug reported:

running the apparmor nnp regression tests results in the following
failure

Error: transition failed. Test 'NNP (stack onexec - NNP)' was expected
to 'pass'. Reason for failure 'FAIL - execv: Operation not permitted'

with a log message of

[ 1169.863302] audit: type=1400 audit(1565046042.144:280686):
apparmor="DENIED" operation="exec" info="no new privs" error=-1
profile="/home/jj/apparmor.git/tests/regression/apparmor/transition"
name="/home/jj/apparmor.git/tests/regression/apparmor/open" pid=1888
comm="transition" requested_mask="x" denied_mask="x" fsuid=0 ouid=1000
target="/home/jj/apparmor.git/tests/regression/apparmor/open"

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Bionic)
     Importance: Undecided
         Status: New

** Also affects: linux (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1839037

Title:
  Stacked onexec transitions fail when under NO NEW PRIVS restrictions

Status in linux package in Ubuntu:
  New
Status in linux source package in Xenial:
  New
Status in linux source package in Bionic:
  New

Bug description:
  running the apparmor nnp regression tests results in the following
  failure

  Error: transition failed. Test 'NNP (stack onexec - NNP)' was expected
  to 'pass'. Reason for failure 'FAIL - execv: Operation not permitted'

  with a log message of

  [ 1169.863302] audit: type=1400 audit(1565046042.144:280686):
  apparmor="DENIED" operation="exec" info="no new privs" error=-1
  profile="/home/jj/apparmor.git/tests/regression/apparmor/transition"
  name="/home/jj/apparmor.git/tests/regression/apparmor/open" pid=1888
  comm="transition" requested_mask="x" denied_mask="x" fsuid=0 ouid=1000
  target="/home/jj/apparmor.git/tests/regression/apparmor/open"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1839037/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to