From: John Johansen <[email protected]> 3.12-stable review patch. If anyone has any objections, please let me know.
=============== commit 9049a7922124d843a2cd26a02b1d00a17596ec0c upstream. The current behavior is confusing as it causes exec failures to report the executable is missing instead of identifying that apparmor caused the failure. Signed-off-by: John Johansen <[email protected]> Acked-by: Seth Arnold <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> --- security/apparmor/domain.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c index 0c23888b9816..a59766fe3b7a 100644 --- a/security/apparmor/domain.c +++ b/security/apparmor/domain.c @@ -437,7 +437,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm) new_profile = aa_get_newest_profile(ns->unconfined); info = "ux fallback"; } else { - error = -ENOENT; + error = -EACCES; info = "profile not found"; /* remove MAY_EXEC to audit as failure */ perms.allow &= ~MAY_EXEC; -- 2.11.0
