[Bug 451375] Re: apparmor disallows truncate of deleted file
The Lucid kernel adds some flags to provide better control over this and other path behaviors, and it looks like the flag for deleted file lookup isn't properly being applied. It will be fixed in the next update of AppArmor.

--
apparmor disallows truncate of deleted file
https://bugs.launchpad.net/bugs/451375
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 451375] Re: apparmor disallows truncate of deleted file
Greetings,

Seems that this bug is affecting the latest 2.6.32-11.15 kernel in Lucid. Running the simple C program to reproduce the failure from comment #2 I get the following.

Without AppArmor profile:

    open("/var/tmp/foo", O_RDWR|O_CREAT, 0700) = 3
    ftruncate(3, 0) = 0
    truncate("/var/tmp/foo", 0) = 0
    unlink("/var/tmp/foo") = 0
    ftruncate(3, 0) = 0
    truncate("/var/tmp/foo", 0) = -1 ENOENT (No such file or directory)
    write(2, "failed (No such file or director"..., 72failed (No such file or directory) to post unlink truncate /var/tmp/foo
    ) = 72
    close(3)= 0
    exit_group(0) = ?

With AppArmor profile:

    open("/var/tmp/foo", O_RDWR|O_CREAT, 0700) = 3
    ftruncate(3, 0) = 0
    truncate("/var/tmp/foo", 0) = 0
    unlink("/var/tmp/foo") = 0
    ftruncate(3, 0) = -1 ENOENT (No such file or directory)
    write(2, "failed (No such file or director"..., 60failed (No such file or directory) to post unlink ftruncate
    ) = 60
    truncate("/var/tmp/foo", 0) = -1 ENOENT (No such file or directory)
    write(2, "failed (No such file or director"..., 72failed (No such file or directory) to post unlink truncate /var/tmp/foo
    ) = 72
    close(3)= 0
    exit_group(0) = ?

    type=APPARMOR_DENIED msg=audit(1264257858.066:923): operation="truncate" info="Failed name lookup - deleted entry" error=-2 pid=4911 parent=4910 profile="/tmp/trunc" requested_mask="w::" denied_mask="w::" fsuid=1000 ouid=1000 name=2F7661722F746D702F666F6F202864656C6574656429

Profile itself:

    #include
    /tmp/trunc {
      #include
      #include
    }

Please advise. Thank you for attention.
[Bug 451375] Re: apparmor disallows truncate of deleted file
This bug was fixed in the package linux - 2.6.31-15.50

---
linux (2.6.31-15.50) karmic-proposed; urgency=low

  [ Kees Cook ]

  * SAUCE: Fix nx_enable reporting
    - LP: #454285

linux (2.6.31-15.49) karmic-proposed; urgency=low

  [ Benjamin Herrenschmidt ]

  * [Upstream] (drop after 2.6.31) usb-storage: Workaround devices with
    bogus sense size
    - LP: #446146

  [ John Johansen ]

  * SAUCE: AppArmor: AppArmor wrongly reports allow perms as denied
    - LP: #453335
  * SAUCE: AppArmor: Policy load and replacement can fail to alloc mem
    - LP: #458299
  * SAUCE: AppArmor: AppArmor fails to audit change_hat correctly
    - LP: #462824
  * SAUCE: AppArmor: AppArmor disallows truncate of deleted files.
    - LP: #451375

  [ Kees Cook ]

  * SAUCE: [x86] fix report of cs-limit nx-emulation
    - LP: #454285

  [ Scott James Remnant ]

  * Revert "SAUCE: trace: add trace_event for the open() syscall"
  * SAUCE: trace: add trace events for open(), exec() and uselib()
    - LP: #462111

  [ Stefan Bader ]

  * SAUCE: Fix sub-flavour script to not stop on missing directories
    - LP: #453073

  [ Tim Gardner ]

  * [Upstream] (drop after 2.6.31) Input: synaptics - add another Protege
    M300 to rate blacklist
    - LP: #433801

  [ Upstream Kernel Changes ]

  * PM: Make warning in suspend_test_finish() less likely to happen
    - LP: #464552

 -- Stefan Bader  Tue, 10 Nov 2009 14:31:52 +0100

** Changed in: linux (Ubuntu Karmic)
   Status: Fix Committed => Fix Released
[Bug 451375] Re: apparmor disallows truncate of deleted file
** Branch linked: lp:ubuntu/linux-mvl-dove
[Bug 451375] Re: apparmor disallows truncate of deleted file
** Branch linked: lp:ubuntu/linux-fsl-imx51
[Bug 451375] Re: apparmor disallows truncate of deleted file
This bug was fixed in the package linux - 2.6.32-3.3

---
linux (2.6.32-3.3) lucid; urgency=low

  [ Andy Whitcroft ]

  * rebase to v2.6.32-rc6
  * [Config] update configs following rebase to v2.6.32-rc6
  * [Config] update ports configs following rebase to v2.6.32-rc6
  * resync with Karmic Ubuntu-2.6.31-15.49
  * [Config] add module ignores for broken drivers

  [ John Johansen ]

  * SAUCE: AppArmor: AppArmor wrongly reports allow perms as denied
    - LP: #453335
  * SAUCE: AppArmor: Policy load and replacement can fail to alloc mem
    - LP: #458299
  * SAUCE: AppArmor: AppArmor fails to audit change_hat correctly
    - LP: #462824
  * SAUCE: AppArmor: AppArmor disallows truncate of deleted files.
    - LP: #451375

  [ Kees Cook ]

  * SAUCE: Fix nx_enable reporting
    - LP: #454285

  [ Scott James Remnant ]

  * Revert "SAUCE: trace: add trace_event for the open() syscall"
  * SAUCE: trace: add trace events for open(), exec() and uselib()
    - LP: #462111

  [ Stefan Bader ]

  * SAUCE: Fix sub-flavour script to not stop on missing directories
    - LP: #453073

  [ Ubuntu Changes ]

  * resync with Karmic Ubuntu-2.6.31-15.49

  [ Upstream Kernel Changes ]

  * rebase to v2.6.32-rc6
    - LP: #464552

 -- Andy Whitcroft  Tue, 10 Nov 2009 15:00:57 +

** Changed in: linux (Ubuntu Lucid)
   Status: Fix Committed => Fix Released
[Bug 451375] Re: apparmor disallows truncate of deleted file
hello John,

Thanks for your answer, done: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/479580

best regards
[Bug 451375] Re: apparmor disallows truncate of deleted file
starslights, this is a different bug as it is missing info="Failed name lookup - deleted entry" and running aa-decode finds a name without the appended " (deleted)"

    [169621.221525] type=1503 audit(1257668082.865:35): operation="truncate" pid=12308 parent=3052 profile="/usr/lib/firefox-3.5.*/firefox" requested_mask="::w" denied_mask="::w" fsuid=1000 ouid=0 name='/media/FreeAgent Drive/torrents/[www.itoma.info]_Les hits de lhiver 2009-ITOMA.torrent'

which shows it is not hitting the deleted file problem being addressed by this bug, but a missing permission entry in the profile.

In general the name encoding on any string that have any of set of special characters in them (space is the character triggering it in the deleted messages and here).

If you could open a new bug it would be greatly appreciated.

thanks
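The triage rule from the reply above, as an added example that is not part of the thread and not AppArmor's or aa-decode's own code: it decodes a hex-encoded name= field and reports whether a denial carries both deleted-entry markers. The function names are hypothetical; the first sample line is the denial quoted in this thread, the second is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Denial quoted in this thread, then a constructed one (name "/tmp/a b.txt"). */
static const char SAMPLE_DELETED[] =
    "type=APPARMOR_DENIED msg=audit(1264257858.066:923): operation=\"truncate\" "
    "info=\"Failed name lookup - deleted entry\" error=-2 pid=4911 parent=4910 "
    "profile=\"/tmp/trunc\" requested_mask=\"w::\" denied_mask=\"w::\" "
    "fsuid=1000 ouid=1000 name=2F7661722F746D702F666F6F202864656C6574656429";
static const char SAMPLE_OTHER[] =
    "type=1503 audit(0.0:1): operation=\"truncate\" profile=\"/tmp/trunc\" "
    "denied_mask=\"::w\" name=2F746D702F6120622E747874";

/* Copy the name= value into out: quoted verbatim, bare values hex-decoded. */
static int audit_name(const char *line, char *out, size_t n)
{
    const char *p = strstr(line, " name=");
    size_t i = 0;
    if (n == 0 || !p) return -1;
    p += strlen(" name=");
    if (*p == '"' || *p == '\'') {
        for (char q = *p++; *p && *p != q && i + 1 < n; ) out[i++] = *p++;
    } else {
        for (; isxdigit((unsigned char)p[0]) && isxdigit((unsigned char)p[1])
               && i + 1 < n; p += 2) {
            char hex[3] = { p[0], p[1], '\0' };
            out[i++] = (char)strtol(hex, NULL, 16);
        }
    }
    out[i] = '\0';
    return 0;
}

/* 1: info text present and name ends " (deleted)"; 0: other; -1: no name. */
int is_deleted_entry_denial(const char *line, char *name, size_t n)
{
    static const char suffix[] = " (deleted)";
    size_t len, slen = sizeof suffix - 1;
    if (audit_name(line, name, n) != 0) return -1;
    len = strlen(name);
    return strstr(line, "info=\"Failed name lookup - deleted entry\"") != NULL &&
           len >= slen && strcmp(name + len - slen, suffix) == 0;
}

int main(void)
{
    char name[256];
    int hit = is_deleted_entry_denial(SAMPLE_DELETED, name, sizeof name);
    printf("deleted-entry=%d name=%s\n", hit, name);
    return 0;
}
```

A result of 0 with a decoded path is the case described above: a missing permission entry in the profile rather than the deleted-file lookup problem.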
[Bug 451375] Re: apparmor disallows truncate of deleted file
hello,

I have found a new "truncate" audit in my log which was blocked. This bug doesn't seem to be fixed.

    [169621.221525] type=1503 audit(1257668082.865:35): operation="truncate" pid=12308 parent=3052 profile="/usr/lib/firefox-3.5.*/firefox" requested_mask="::w" denied_mask="::w" fsuid=1000 ouid=0 name=2F6D656469612F467265654167656E742044726976652F746F7272656E74732F5B772E69746F6D612E696E666F5D5F4C65732068697473206465206C686976657220323030392D49544F4D412E746F7272656E74

I have a few others new but I will open a new one while there are not the same

my best
[Bug 451375] Re: apparmor disallows truncate of deleted file
Accepted linux into karmic-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

** Changed in: linux (Ubuntu Karmic)
   Status: New => Fix Committed

** Tags added: verification-needed
[Bug 451375] Re: apparmor disallows truncate of deleted file
** Also affects: linux (Ubuntu Karmic)
   Importance: Undecided
   Status: New

** Also affects: linux (Ubuntu Lucid)
   Importance: Medium
   Assignee: John Johansen (jjohansen)
   Status: Fix Committed
[Bug 451375] Re: apparmor disallows truncate of deleted file
hello,

I run Kubuntu Karmic 9.10 x86 64 and OpenOffice soffice can't be opened by Firefox 3.5.5pre

    [90641.613862] type=1503 audit(1256979234.132:54): operation="exec" pid=9404 parent=6161 profile="/usr/lib/firefox-3.5.*/firefox" requested_mask="::x" denied_mask="::x" fsuid=1000 ouid=0 name="/usr/lib/openoffice/program/soffice"

It can be reproduced for sure on http://decloak.net/ , it's a great tool to see if all works fine and isolate.

best regards
[Bug 451375] Re: apparmor disallows truncate of deleted file
This issue is fixed using the latest kernel John made available: http://kernel.ubuntu.com/~jj/linux-image-2.6.31-14-generic_2.6.31-14.49~jj_amd64.deb
[Bug 451375] Re: apparmor disallows truncate of deleted file
Iakov, yes you will need to reenable the apparmor firefox profile to reproduce, however I have already had reports of issues with the patch and I am working on a new version so I would wait for the newer version.
[Bug 451375] Re: apparmor disallows truncate of deleted file
Dear John. Currently firefox apparmor profile is disabled after update so bug with zotero is not reproduced. Should I first enable apparmor firefox profile?
[Bug 451375] Re: apparmor disallows truncate of deleted file
I have placed a test kernel at http://kernel.ubuntu.com/~jj/linux-image-2.6.31-14-generic_2.6.31-14.48~jj_amd64.deb
[Bug 451375] Re: apparmor disallows truncate of deleted file
This is more of a bug in firefox and evince. They are relying on trunc("/some/path") working after the file has been deleted, instead they should be using trunc(fd). Their use of trunc is incorrect even though it has traditionally worked because it may not get the file pointed to by the fd. If a new file is created at /some/path while fd is open (but deleted) the trunc will apply to the new file, not the open fd as is intended by their use. Furthermore if the parent (gp, ..) directory is moved the trunc will also fail.

Unfortunately this behavior does need to be fixed in AppArmor because it can break applications with no potential workaround except to disable AppArmor mediation of the application.
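The path-versus-descriptor difference described in the message above, as an added example that is not part of the thread and is not the attached trunc.c. It runs on an unconfined process; the temp file name, struct and function names are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

struct trunc_result {
    int  path_errno;      /* errno from truncate(path) right after unlink  */
    long new_after_path;  /* replacement file size after truncate(path)    */
    long orig_after_path; /* unlinked file size after truncate(path)       */
    long orig_after_fd;   /* unlinked file size after ftruncate(fd)        */
};

/* Runs the sequence on a fresh temp file; returns 0 on success. */
int run_trunc_demo(struct trunc_result *r)
{
    char path[] = "/tmp/trunc-demo-XXXXXX";
    struct stat st;
    int fd2, rc = -1, fd = mkstemp(path);

    if (fd < 0) return -1;
    if (write(fd, "original-data", 13) != 13 || unlink(path) != 0) goto out;
    /* 1. The name is gone, so the path-based call cannot find the file. */
    r->path_errno = truncate(path, 0) == 0 ? 0 : errno;
    /* 2. An unrelated file is created under the old name. */
    fd2 = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd2 < 0) goto out;
    if (write(fd2, "unrelated", 9) != 9) { close(fd2); goto out; }
    close(fd2);
    /* 3. truncate(path) now succeeds, but it empties the replacement. */
    if (truncate(path, 0) != 0 || stat(path, &st) != 0) goto out;
    r->new_after_path = (long)st.st_size;
    if (fstat(fd, &st) != 0) goto out;
    r->orig_after_path = (long)st.st_size;
    /* 4. ftruncate(fd) acts on the open, deleted file itself. */
    if (ftruncate(fd, 0) != 0 || fstat(fd, &st) != 0) goto out;
    r->orig_after_fd = (long)st.st_size;
    rc = 0;
out:
    close(fd);
    unlink(path);
    return rc;
}

int main(void)
{
    struct trunc_result r = {0};
    if (run_trunc_demo(&r) != 0) return 1;
    printf("errno=%d replacement=%ld original=%ld after-ftruncate=%ld\n",
           r.path_errno, r.new_after_path, r.orig_after_path, r.orig_after_fd);
    return 0;
}
```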
[Bug 451375] Re: apparmor disallows truncate of deleted file
** Tags added: apparmor
[Bug 451375] Re: apparmor disallows truncate of deleted file
This bug is likely an SRU candidate. I would prefer seeing it fixed before release, but understand if the kernel team wants to freeze their kernel.
[Bug 451375] Re: apparmor disallows truncate of deleted file
There have been several people in bug #449286 that are hitting this bug. Since the evince and firefox parts of that bug are fixed, I added a linux task and will mark that bug a duplicate.
[Bug 451375] Re: apparmor disallows truncate of deleted file
The attached C file can be used to reproduce, the truncate call post unlink will fail.

** Attachment added: "Simple C program to reproduce the failure"
   http://launchpadlibrarian.net/33704325/trunc.c
[Bug 451375] Re: apparmor disallows truncate of deleted file
** Attachment added: "AlsaDevices.txt"
   http://launchpadlibrarian.net/33660463/AlsaDevices.txt
** Attachment added: "ArecordDevices.txt"
   http://launchpadlibrarian.net/33660466/ArecordDevices.txt
** Attachment added: "BootDmesg.txt"
   http://launchpadlibrarian.net/33660467/BootDmesg.txt
** Attachment added: "Card0.Amixer.values.txt"
   http://launchpadlibrarian.net/33660468/Card0.Amixer.values.txt
** Attachment added: "Card0.Codecs.codec.2.txt"
   http://launchpadlibrarian.net/33660469/Card0.Codecs.codec.2.txt
** Attachment added: "CurrentDmesg.txt"
   http://launchpadlibrarian.net/33660470/CurrentDmesg.txt
** Attachment added: "Dependencies.txt"
   http://launchpadlibrarian.net/33660471/Dependencies.txt
** Attachment added: "Lspci.txt"
   http://launchpadlibrarian.net/33660472/Lspci.txt
** Attachment added: "Lsusb.txt"
   http://launchpadlibrarian.net/33660473/Lsusb.txt
** Attachment added: "PciMultimedia.txt"
   http://launchpadlibrarian.net/33660474/PciMultimedia.txt
** Attachment added: "ProcCpuinfo.txt"
   http://launchpadlibrarian.net/33660475/ProcCpuinfo.txt
** Attachment added: "ProcInterrupts.txt"
   http://launchpadlibrarian.net/33660476/ProcInterrupts.txt
** Attachment added: "ProcModules.txt"
   http://launchpadlibrarian.net/33660477/ProcModules.txt
** Attachment added: "UdevDb.txt"
   http://launchpadlibrarian.net/33660478/UdevDb.txt
** Attachment added: "UdevLog.txt"
   http://launchpadlibrarian.net/33660479/UdevLog.txt
** Attachment added: "WifiSyslog.txt"
   http://launchpadlibrarian.net/33660480/WifiSyslog.txt
** Attachment added: "XsessionErrors.txt"
   http://launchpadlibrarian.net/33660481/XsessionErrors.txt

** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium
** Changed in: linux (Ubuntu)
   Status: New => Confirmed
** Changed in: linux (Ubuntu)
   Milestone: None => later
** Changed in: linux (Ubuntu)
   Assignee: (unassigned) => John Johansen (jjohansen)