Ubuntu
apparmor package

Bug #539441
Activity log

Activity log for bug #539441

Date	Who	What changed	Old value	New value	Message
2010-03-16 09:00:49	thosjo	bug			added bug
2010-03-26 14:17:09	Marc Deslauriers	apparmor (Ubuntu): assignee		Marc Deslauriers (mdeslaur)
2010-03-26 14:17:19	Marc Deslauriers	apparmor (Ubuntu): status	New	Confirmed
2010-03-26 16:00:16	Launchpad Janitor	apparmor (Ubuntu): status	Confirmed	Fix Released
2010-03-26 16:15:26	Launchpad Janitor	branch linked		lp:ubuntu/apparmor
2010-10-19 20:00:20	Jamie Strandboge	nominated for series		Ubuntu Lucid
2010-10-19 20:00:20	Jamie Strandboge	bug task added		apparmor (Ubuntu Lucid)
2010-10-19 20:00:20	Jamie Strandboge	nominated for series		Ubuntu Maverick
2010-10-19 20:00:20	Jamie Strandboge	bug task added		apparmor (Ubuntu Maverick)
2010-10-19 20:00:20	Jamie Strandboge	nominated for series		Ubuntu Natty
2010-10-19 20:00:20	Jamie Strandboge	bug task added		apparmor (Ubuntu Natty)
2010-10-19 20:00:46	Jamie Strandboge	apparmor (Ubuntu Lucid): status	New	Fix Released
2010-10-19 20:00:46	Jamie Strandboge	apparmor (Ubuntu Lucid): assignee		Marc Deslauriers (mdeslaur)
2010-10-19 20:01:05	Jamie Strandboge	apparmor (Ubuntu Natty): status	Fix Released	Triaged
2010-10-19 20:01:05	Jamie Strandboge	apparmor (Ubuntu Natty): assignee	Marc Deslauriers (mdeslaur)	Jamie Strandboge (jdstrand)
2010-10-19 20:01:15	Jamie Strandboge	apparmor (Ubuntu Maverick): status	New	Triaged
2010-10-19 20:01:19	Jamie Strandboge	apparmor (Ubuntu Maverick): assignee		Jamie Strandboge (jdstrand)
2010-10-19 20:50:10	Launchpad Janitor	apparmor (Ubuntu Natty): status	Triaged	Fix Released
2010-10-19 21:15:43	Launchpad Janitor	branch linked		lp:ubuntu/apparmor
2010-10-19 21:21:24	Jamie Strandboge	apparmor (Ubuntu Maverick): status	Triaged	In Progress
2010-10-22 07:52:55	Martin Pitt	apparmor (Ubuntu Maverick): status	In Progress	Fix Committed
2010-10-22 07:52:59	Martin Pitt	bug			added subscriber Ubuntu Stable Release Updates Team
2010-10-22 07:53:03	Martin Pitt	bug			added subscriber SRU Verification
2010-10-22 07:53:05	Martin Pitt	tags		verification-needed
2010-10-22 08:17:26	Launchpad Janitor	branch linked		lp:ubuntu/maverick-proposed/apparmor
2010-11-11 21:23:01	Jamie Strandboge	description	Binary package hint: apparmor aa-logprof doesn't generate (or modify) policies due to missing abstractions/apache2-common ~# aa-logprof Can't find include file abstractions/apache2-common: No such file or directory ~# Audit messages are present in the log file: ~# grep audit /var/log/messages \| tail -n 10 Mar 16 09:53:57 panopticon kernel: [ 2117.122866] type=1502 audit(1268729637.896:3405): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/cups/cupsd.conf" Mar 16 09:53:57 panopticon kernel: [ 2117.122978] type=1502 audit(1268729637.896:3406): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:53:57 panopticon kernel: [ 2117.122989] type=1502 audit(1268729637.896:3407): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:54:28 panopticon kernel: [ 2147.329908] type=1502 audit(1268729668.105:3738): operation="rename_src" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="rw::" denied_mask="rw::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329916] type=1502 audit(1268729668.105:3739): operation="rename_dest" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf.O" Mar 16 09:54:28 panopticon kernel: [ 2147.329970] type=1502 audit(1268729668.105:3740): operation="mknod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="c::" denied_mask="c::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329987] type=1502 audit(1268729668.105:3741): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330006] type=1502 audit(1268729668.105:3742): operation="chown" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330021] type=1502 audit(1268729668.105:3743): operation="chmod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330062] type=1502 audit(1268729668.105:3744): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" ~# lsb_release -a LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu lucid (development branch) Release: 10.04 Codename: lucid ~# dpkg -l \|grep appar ii apparmor 2.5-0ubuntu1 User-space parser utility for AppArmor ii apparmor-profiles 2.5-0ubuntu1 Profiles for AppArmor Security policies ii apparmor-utils 2.5-0ubuntu1 Utilities for controlling AppArmor ii libapparmor-perl 2.5-0ubuntu1 AppArmor library Perl bindings ii libapparmor1 2.5-0ubuntu1 changehat AppArmor library	SRU Justification 1. impact of the bug is medium for stable releases since aa-logprof is rendered inoperable when apparmor-profiles is installed 2. This has been addressed in the development branch 3. Patch is in packaging and consists of shipping apache2-common in apparmor. 4. TEST CASE: $ sudo apt-get remove --purge apparmor # only if downgraded first $ sudo apt-get install apparmor apparmor-profiles $ sudo aa-logprof Can't find include file abstractions/apache2-common: No such file or directory A fixed package will not have the above error. 5. The regression potential of the patch is very low, as it only moves apache2-common to the apparmor package. Initial Report: Binary package hint: apparmor aa-logprof doesn't generate (or modify) policies due to missing abstractions/apache2-common ~# aa-logprof Can't find include file abstractions/apache2-common: No such file or directory ~# Audit messages are present in the log file: ~# grep audit /var/log/messages \| tail -n 10 Mar 16 09:53:57 panopticon kernel: [ 2117.122866] type=1502 audit(1268729637.896:3405): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/cups/cupsd.conf" Mar 16 09:53:57 panopticon kernel: [ 2117.122978] type=1502 audit(1268729637.896:3406): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:53:57 panopticon kernel: [ 2117.122989] type=1502 audit(1268729637.896:3407): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:54:28 panopticon kernel: [ 2147.329908] type=1502 audit(1268729668.105:3738): operation="rename_src" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="rw::" denied_mask="rw::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329916] type=1502 audit(1268729668.105:3739): operation="rename_dest" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf.O" Mar 16 09:54:28 panopticon kernel: [ 2147.329970] type=1502 audit(1268729668.105:3740): operation="mknod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="c::" denied_mask="c::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329987] type=1502 audit(1268729668.105:3741): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330006] type=1502 audit(1268729668.105:3742): operation="chown" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330021] type=1502 audit(1268729668.105:3743): operation="chmod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330062] type=1502 audit(1268729668.105:3744): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" ~# lsb_release -a LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu lucid (development branch) Release: 10.04 Codename: lucid ~# dpkg -l \|grep appar ii apparmor 2.5-0ubuntu1 User-space parser utility for AppArmor ii apparmor-profiles 2.5-0ubuntu1 Profiles for AppArmor Security policies ii apparmor-utils 2.5-0ubuntu1 Utilities for controlling AppArmor ii libapparmor-perl 2.5-0ubuntu1 AppArmor library Perl bindings ii libapparmor1 2.5-0ubuntu1 changehat AppArmor library
2010-11-11 22:05:02	Jamie Strandboge	description	SRU Justification 1. impact of the bug is medium for stable releases since aa-logprof is rendered inoperable when apparmor-profiles is installed 2. This has been addressed in the development branch 3. Patch is in packaging and consists of shipping apache2-common in apparmor. 4. TEST CASE: $ sudo apt-get remove --purge apparmor # only if downgraded first $ sudo apt-get install apparmor apparmor-profiles $ sudo aa-logprof Can't find include file abstractions/apache2-common: No such file or directory A fixed package will not have the above error. 5. The regression potential of the patch is very low, as it only moves apache2-common to the apparmor package. Initial Report: Binary package hint: apparmor aa-logprof doesn't generate (or modify) policies due to missing abstractions/apache2-common ~# aa-logprof Can't find include file abstractions/apache2-common: No such file or directory ~# Audit messages are present in the log file: ~# grep audit /var/log/messages \| tail -n 10 Mar 16 09:53:57 panopticon kernel: [ 2117.122866] type=1502 audit(1268729637.896:3405): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/cups/cupsd.conf" Mar 16 09:53:57 panopticon kernel: [ 2117.122978] type=1502 audit(1268729637.896:3406): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:53:57 panopticon kernel: [ 2117.122989] type=1502 audit(1268729637.896:3407): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:54:28 panopticon kernel: [ 2147.329908] type=1502 audit(1268729668.105:3738): operation="rename_src" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="rw::" denied_mask="rw::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329916] type=1502 audit(1268729668.105:3739): operation="rename_dest" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf.O" Mar 16 09:54:28 panopticon kernel: [ 2147.329970] type=1502 audit(1268729668.105:3740): operation="mknod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="c::" denied_mask="c::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329987] type=1502 audit(1268729668.105:3741): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330006] type=1502 audit(1268729668.105:3742): operation="chown" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330021] type=1502 audit(1268729668.105:3743): operation="chmod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330062] type=1502 audit(1268729668.105:3744): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" ~# lsb_release -a LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu lucid (development branch) Release: 10.04 Codename: lucid ~# dpkg -l \|grep appar ii apparmor 2.5-0ubuntu1 User-space parser utility for AppArmor ii apparmor-profiles 2.5-0ubuntu1 Profiles for AppArmor Security policies ii apparmor-utils 2.5-0ubuntu1 Utilities for controlling AppArmor ii libapparmor-perl 2.5-0ubuntu1 AppArmor library Perl bindings ii libapparmor1 2.5-0ubuntu1 changehat AppArmor library	SRU Justification 1. impact of the bug is medium for stable releases since aa-logprof is rendered inoperable when apparmor-profiles is installed 2. This has been addressed in the development branch 3. Patch is in packaging and consists of shipping apache2-common in apparmor. 4. TEST CASE: $ sudo apt-get remove --purge apparmor # only if downgraded first $ sudo apt-get install apparmor apparmor-utils apparmor-profiles $ sudo aa-logprof Can't find include file abstractions/apache2-common: No such file or directory A fixed package will not have the above error. 5. The regression potential of the patch is very low, as it only moves apache2-common to the apparmor package. Initial Report: Binary package hint: apparmor aa-logprof doesn't generate (or modify) policies due to missing abstractions/apache2-common ~# aa-logprof Can't find include file abstractions/apache2-common: No such file or directory ~# Audit messages are present in the log file: ~# grep audit /var/log/messages \| tail -n 10 Mar 16 09:53:57 panopticon kernel: [ 2117.122866] type=1502 audit(1268729637.896:3405): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/cups/cupsd.conf" Mar 16 09:53:57 panopticon kernel: [ 2117.122978] type=1502 audit(1268729637.896:3406): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:53:57 panopticon kernel: [ 2117.122989] type=1502 audit(1268729637.896:3407): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:54:28 panopticon kernel: [ 2147.329908] type=1502 audit(1268729668.105:3738): operation="rename_src" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="rw::" denied_mask="rw::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329916] type=1502 audit(1268729668.105:3739): operation="rename_dest" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf.O" Mar 16 09:54:28 panopticon kernel: [ 2147.329970] type=1502 audit(1268729668.105:3740): operation="mknod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="c::" denied_mask="c::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329987] type=1502 audit(1268729668.105:3741): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330006] type=1502 audit(1268729668.105:3742): operation="chown" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330021] type=1502 audit(1268729668.105:3743): operation="chmod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330062] type=1502 audit(1268729668.105:3744): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" ~# lsb_release -a LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu lucid (development branch) Release: 10.04 Codename: lucid ~# dpkg -l \|grep appar ii apparmor 2.5-0ubuntu1 User-space parser utility for AppArmor ii apparmor-profiles 2.5-0ubuntu1 Profiles for AppArmor Security policies ii apparmor-utils 2.5-0ubuntu1 Utilities for controlling AppArmor ii libapparmor-perl 2.5-0ubuntu1 AppArmor library Perl bindings ii libapparmor1 2.5-0ubuntu1 changehat AppArmor library
2010-11-15 10:06:36	Martin Pitt	tags	verification-needed	verification-donee
2010-11-15 10:06:40	Martin Pitt	tags	verification-donee	verification-done
2010-11-17 12:58:27	Launchpad Janitor	apparmor (Ubuntu Maverick): status	Fix Committed	Fix Released
2010-12-03 17:15:57	Martin Pitt	tags	verification-done
2010-12-03 17:16:00	Martin Pitt	tags		verification-needed
2010-12-14 18:32:51	Jamie Strandboge	tags	verification-needed	verification-done
2010-12-14 19:06:24	Jamie Strandboge	apparmor (Ubuntu Lucid): status	Fix Released	Fix Committed
2010-12-15 11:50:58	Launchpad Janitor	apparmor (Ubuntu Lucid): status	Fix Committed	Fix Released

Ubuntuapparmor package

Activity log for bug #539441

Ubuntu
apparmor package