[Touch-packages] [Bug 1817627] Re: systemd-analyze verify reports failure

2019-06-17 Thread Paweł Krawczyk 
This affects each system where /tmp is *not* on tmpfs which affects a
lot of cloud-built servers and effectively prevents usage of systemd-
analyze verify in Ansible, Puppet etc.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1817627

Title:
  systemd-analyze verify reports failure

Status in Ubuntu Manpage Repository:
  Invalid
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  Version 237 and 238 of systemd-analyze have a known issue:
  https://github.com/systemd/systemd/issues/8592

  When will a fix be posted?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-manpage-repository/+bug/1817627/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1243932] Re: aa-logprof: Log contains unknown mode senw

2015-04-09 Thread Paweł Krawczyk 
The fix I implemented in my system was to add the following check to
/usr/lib/python2.7/dist-packages/apparmor/logparser.py, in lines 124:

if rmask and rmask not in [ 'send', 'receive', 'send receive' ]:

Originally it was:

if rmask:

The same in line 130 for dmask. This file comes from python-apparmor
package 2.9.2~2886-0ubuntu0.14.04.41 installed from the PPA.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1243932

Title:
  aa-logprof:  Log contains unknown mode senw

Status in AppArmor Linux application security framework:
  Confirmed
Status in apparmor package in Ubuntu:
  Fix Released

Bug description:
  [Impact]

  * aa-logprof does not work when dbus rule denials are present in the
  logs

  [Automated Test Case]

  * test_lp1243932_send, test_lp1243932_receive, and test_lp1243932_bind
  have been added to QRT's test-apparmor.py test script

  [Manual Test Case]

  * Load a profile that does not grant D-Bus access and create a D-Bus denial. 
Then,
    test aa-logprof.

    $ echo "profile lp1243932 { file, }" | sudo apparmor_parser -rq
    $ aa-exec -p lp1243932 -- dbus-send --print-reply --system \
    --dest=org.freedesktop.DBus /org/freedesktop/DBus 
org.freedesktop.DBus.ListNames
    Failed to open connection to "system" message bus: An AppArmor policy 
prevents this
    sender from sending this message to this recipient, 0 matched rules;
    type="method_call", sender="(null)" (inactive) 
interface="org.freedesktop.DBus"
    member="Hello" error name="(unset)" requested_reply="0"
    destination="org.freedesktop.DBus" (bus)
    $ aa-logprof -f /dev/null
    Reading log entries from /dev/null.
    Updating AppArmor profiles in /etc/apparmor.d.

  An unpatched aa-logprof will print similar output followed by:

    Log contains unknown mode senw.

  [Regression Potential]

  * The regression potential is low since aa-logprof currently refuses to work 
when D-Bus
    denials are present. The fix is minimal and has been reviewed by upstream.

  [Original Bug Report]

  since saucy aa-logprof does not work anymore:

  $ aa-logprof
  Reading log entries from /var/log/syslog.
  Updating AppArmor profiles in /etc/apparmor.d.

  Log contains unknown mode senw.

  the issues seem to be caused by dbus send denies:

  Oct 23 19:52:56 ubuntu dbus[2594]: apparmor="DENIED"
  operation="dbus_method_call"  bus="session"
  path="/org/freedesktop/DBus" interface="org.freedesktop.DBus"
  member="Hello" mask="send" name="org.freedesktop.DBus" pid=3552
  profile="/usr/bin/smuxi-frontend-gnome" peer_profile="unconfined"

  23:16  my guess is the denial of a dbus send
  23:16  senw is awful close to send
  23:17  parse_event() in AppArmor.pm does this:
  23:18  $rmask =~ s/d/w/g;
  23:18  followed by:
  23:18  fatal_error(sprintf(gettext('Log contains unknown mode %s.'), 
$rmask));

  ubuntu 13.10 amd64.

  apparmor-utils:
    Installed: 2.8.0-0ubuntu31
    Candidate: 2.8.0-0ubuntu31
    Version table:
   *** 2.8.0-0ubuntu31 0
  500 http://de.archive.ubuntu.com/ubuntu/ saucy/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1243932/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1243932] Re: aa-logprof: Log contains unknown mode senw

2015-03-26 Thread Paweł Krawczyk 
I have the 2.9 package but this bug still seems to affect me:

ii  apparmor-utils  2.9.2~2880-0ubun amd64Utilities
for controlling AppArmor

# aa-logprof 
Reading log entries from /var/log/syslog.
Updating AppArmor profiles in /etc/apparmor.d.
Traceback (most recent call last):
  File "/usr/sbin/aa-logprof", line 54, in 
apparmor.do_logprof_pass(logmark)
  File "/usr/lib/python2.7/dist-packages/apparmor/aa.py", line 2279, in 
do_logprof_pass
log = log_reader.read_log(logmark)
  File "/usr/lib/python2.7/dist-packages/apparmor/logparser.py", line 349, in 
read_log
event = self.parse_log_record(line)
  File "/usr/lib/python2.7/dist-packages/apparmor/logparser.py", line 88, in 
parse_log_record
record_event = self.parse_event(record)
  File "/usr/lib/python2.7/dist-packages/apparmor/logparser.py", line 128, in 
parse_event
raise AppArmorException(_('Log contains unknown mode %s') % rmask)
apparmor.common.AppArmorException: 'Log contains unknown mode senw'

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1243932

Title:
  aa-logprof:  Log contains unknown mode senw

Status in AppArmor Linux application security framework:
  Fix Released
Status in apparmor package in Ubuntu:
  Fix Released

Bug description:
  [Impact]

  * aa-logprof does not work when dbus rule denials are present in the
  logs

  [Automated Test Case]

  * test_lp1243932_send, test_lp1243932_receive, and test_lp1243932_bind
  have been added to QRT's test-apparmor.py test script

  [Manual Test Case]

  * Load a profile that does not grant D-Bus access and create a D-Bus denial. 
Then,
    test aa-logprof.

    $ echo "profile lp1243932 { file, }" | sudo apparmor_parser -rq
    $ aa-exec -p lp1243932 -- dbus-send --print-reply --system \
    --dest=org.freedesktop.DBus /org/freedesktop/DBus 
org.freedesktop.DBus.ListNames
    Failed to open connection to "system" message bus: An AppArmor policy 
prevents this
    sender from sending this message to this recipient, 0 matched rules;
    type="method_call", sender="(null)" (inactive) 
interface="org.freedesktop.DBus"
    member="Hello" error name="(unset)" requested_reply="0"
    destination="org.freedesktop.DBus" (bus)
    $ aa-logprof -f /dev/null
    Reading log entries from /dev/null.
    Updating AppArmor profiles in /etc/apparmor.d.

  An unpatched aa-logprof will print similar output followed by:

    Log contains unknown mode senw.

  [Regression Potential]

  * The regression potential is low since aa-logprof currently refuses to work 
when D-Bus
    denials are present. The fix is minimal and has been reviewed by upstream.

  [Original Bug Report]

  since saucy aa-logprof does not work anymore:

  $ aa-logprof
  Reading log entries from /var/log/syslog.
  Updating AppArmor profiles in /etc/apparmor.d.

  Log contains unknown mode senw.

  the issues seem to be caused by dbus send denies:

  Oct 23 19:52:56 ubuntu dbus[2594]: apparmor="DENIED"
  operation="dbus_method_call"  bus="session"
  path="/org/freedesktop/DBus" interface="org.freedesktop.DBus"
  member="Hello" mask="send" name="org.freedesktop.DBus" pid=3552
  profile="/usr/bin/smuxi-frontend-gnome" peer_profile="unconfined"

  23:16  my guess is the denial of a dbus send
  23:16  senw is awful close to send
  23:17  parse_event() in AppArmor.pm does this:
  23:18  $rmask =~ s/d/w/g;
  23:18  followed by:
  23:18  fatal_error(sprintf(gettext('Log contains unknown mode %s.'), 
$rmask));

  ubuntu 13.10 amd64.

  apparmor-utils:
    Installed: 2.8.0-0ubuntu31
    Candidate: 2.8.0-0ubuntu31
    Version table:
   *** 2.8.0-0ubuntu31 0
  500 http://de.archive.ubuntu.com/ubuntu/ saucy/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1243932/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp