Hello,
while using aa-logprof (from latest bzr), I managed to crash it with two
totally different backtraces:
1)
# python3 aa-logprof
Protokolleinträge von /var/log/audit/audit.log werden eingelesen.
AppArmor-Profile in /etc/apparmor.d werden aktualisiert.
Traceback (most recent call last):
File "aa-logprof", line 52, in <module>
apparmor.do_logprof_pass(logmark)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 2275, in
do_logprof_pass
handle_children('', '', root)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 1243, in
handle_children
parent_uses_ld_xxx = check_for_LD_XXX(profile)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 126, in
check_for_LD_XXX
for line in f_in:
File "/usr/lib64/python3.4/codecs.py", line 704, in __next__
return next(self.reader)
File "/usr/lib64/python3.4/codecs.py", line 635, in __next__
line = self.readline()
File "/usr/lib64/python3.4/codecs.py", line 548, in readline
data = self.read(readsize, firstline=True)
File "/usr/lib64/python3.4/codecs.py", line 494, in read
newchars, decodedbytes = self.decode(data, self.errors)
UnicodeDecodeError: 'ascii' codec can't decode byte 0xf8 in position 40:
ordinal not in range(128)
This is caused by this log line:
type=AVC msg=audit(1407865079.883:215): apparmor="ALLOWED" operation="exec"
profile="/usr/lib64/firefox/plugin-container"
name="/usr/lib64/gstreamer-0.10/gst-plugin-scanner" pid=11832 comm="Browser"
requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
target="/usr/lib64/firefox/plugin-container//null-1"
but it also seems to require my set of profiles (at least some of them).
aa-logprof doesn't crash if I run it with -d /var/lib/empty
2)
# python3 aa-logprof -f /var/log/audit/audit.log.1
[...]
= Changed Local Profiles =
The following local profiles were changed. Would you like to save them?
[1 - /usr/bin/boomaga]
2 - /usr/sbin/nscd
(S)ave Changes / Save Selec(t)ed Profile / [(V)iew Changes] / View Changes b/w
(C)lean profiles / Abo(r)t
[... pressed 'v'...]
Traceback (most recent call last):
File "aa-logprof", line 52, in <module>
apparmor.do_logprof_pass(logmark)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 2292, in
do_logprof_pass
save_profiles()
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 2373, in
save_profiles
newprofile = serialize_profile_from_old_profile(aa[which], which, '')
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 4217, in
serialize_profile_from_old_profile
data += write_methods[segs](write_prof_data[name], int(depth / 2))
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 3606, in
write_paths
data += write_path_rules(prof_data, depth, 'allow')
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 3553, in
write_path_rules
user, other = split_mode(mode)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aamode.py", line 212, in
split_mode
other = mode - user
TypeError: unsupported operand type(s) for -: 'collections.defaultdict' and
'set'
BTW: Using 'c' instead of 'v' lets me view the differences without a crash.
Regards,
Christian Boltz
--
... wenn man schon Spams und Viren nur unvollkommen filtern,
wie will man dann die Windoof Experten fo^Hiltern? ;-)
[Paul Foerster in suse-laptop]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
