[Bug 1446794] Re: parser error with 'deny change_profile'

Tue, 17 May 2016 17:26:24 -0700 

The deny modifier has been fixed in the 2.11 parser. However, the audit
modifier is not properly supported by the backend permission format and
will result in equality.sh failing

With the above patch to equality.sh, the failures all involve audit
which is being silently dropped in permission encoding:

Binary inequality audit, deny, and audit deny modifiers for "change_profile -> 
unconfined"
FAIL: Hash values match
known-good (e01d6f3ba173df734864ab965521e195) == profile-under-test 
(e01d6f3ba173df734864ab965521e195) for the following profile:
/t { audit change_profile -> unconfined, }

Binary inequality audit, deny, and audit deny modifiers for "change_profile -> 
unconfined"
FAIL: Hash values match
known-good (e01d6f3ba173df734864ab965521e195) == profile-under-test 
(e01d6f3ba173df734864ab965521e195) for the following profile:
/t { audit allow change_profile -> unconfined, }

.Binary inequality deny and audit deny modifiers for "change_profile -> 
unconfined"
FAIL: Hash values match
known-good (0f104a93d8f001f0f780702c8ff255b7) == profile-under-test 
(0f104a93d8f001f0f780702c8ff255b7) for the following profile:
/t { audit deny change_profile -> unconfined, }

..Binary inequality audit, deny, and audit deny modifiers for "change_profile 
-> /**"
FAIL: Hash values match
known-good (df13fc0410c7ea6bce4c4ef14cfd504d) == profile-under-test 
(df13fc0410c7ea6bce4c4ef14cfd504d) for the following profile:
/t { audit change_profile -> /**, }

Binary inequality audit, deny, and audit deny modifiers for "change_profile -> 
/**"
FAIL: Hash values match
known-good (df13fc0410c7ea6bce4c4ef14cfd504d) == profile-under-test 
(df13fc0410c7ea6bce4c4ef14cfd504d) for the following profile:
/t { audit allow change_profile -> /**, }

.Binary inequality deny and audit deny modifiers for "change_profile -> /**"
FAIL: Hash values match
known-good (0f104a93d8f001f0f780702c8ff255b7) == profile-under-test 
(0f104a93d8f001f0f780702c8ff255b7) for the following profile:
/t { audit deny change_profile -> /**, }

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1446794

Title:
  parser error with 'deny change_profile'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1446794/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to