Binary package hint: apparmor
aa-logprof doesn't generate (or modify) policies due to missing abstractions/apache2-common
~# aa-logprof Can't find include file abstractions/apache2-common: No such file or directory ~#
Audit messages are present in the log file:
~# grep audit /var/log/messages | tail -n 10 Mar 16 09:53:57 panopticon kernel: [ 2117.122866] type=1502 audit(1268729637.896:3405): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/cups/cupsd.conf" Mar 16 09:53:57 panopticon kernel: [ 2117.122978] type=1502 audit(1268729637.896:3406): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:53:57 panopticon kernel: [ 2117.122989] type=1502 audit(1268729637.896:3407): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/papersize" Mar 16 09:54:28 panopticon kernel: [ 2147.329908] type=1502 audit(1268729668.105:3738): operation="rename_src" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="rw::" denied_mask="rw::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329916] type=1502 audit(1268729668.105:3739): operation="rename_dest" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf.O" Mar 16 09:54:28 panopticon kernel: [ 2147.329970] type=1502 audit(1268729668.105:3740): operation="mknod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="c::" denied_mask="c::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.329987] type=1502 audit(1268729668.105:3741): operation="open" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="wc::" denied_mask="wc::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330006] type=1502 audit(1268729668.105:3742): operation="chown" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330021] type=1502 audit(1268729668.105:3743): operation="chmod" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf" Mar 16 09:54:28 panopticon kernel: [ 2147.330062] type=1502 audit(1268729668.105:3744): operation="file_perm" pid=2983 parent=1 profile="/usr/sbin/cupsd" requested_mask="w::" denied_mask="w::" fsuid=0 ouid=0 name="/etc/cups/printers.conf"
~# lsb_release -a LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu lucid (development branch) Release: 10.04 Codename: lucid
~# dpkg -l |grep appar ii apparmor 2.5-0ubuntu1 User-space parser utility for AppArmor ii apparmor-profiles 2.5-0ubuntu1 Profiles for AppArmor Security policies ii apparmor-utils 2.5-0ubuntu1 Utilities for controlling AppArmor ii libapparmor-perl 2.5-0ubuntu1 AppArmor library Perl bindings ii libapparmor1 2.5-0ubuntu1 changehat AppArmor library
Binary package hint: apparmor
aa-logprof doesn't generate (or modify) policies due to missing abstractions/ apache2- common
~# aa-logprof apache2- common: No such file or directory
Can't find include file abstractions/
~#
Audit messages are present in the log file:
~# grep audit /var/log/messages | tail -n 10 7.896:3405) : operation= "file_perm" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="r: :" denied_mask="r::" fsuid=0 ouid=0 name="/ etc/cups/ cupsd.conf" 7.896:3406) : operation="open" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="r: :" denied_mask="r::" fsuid=0 ouid=0 name="/ etc/papersize" 7.896:3407) : operation= "file_perm" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="r: :" denied_mask="r::" fsuid=0 ouid=0 name="/ etc/papersize" 8.105:3738) : operation= "rename_ src" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="rw: :" denied_mask="rw::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf" 8.105:3739) : operation= "rename_ dest" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="wc: :" denied_mask="wc::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf.O" 8.105:3740) : operation="mknod" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="c: :" denied_mask="c::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf" 8.105:3741) : operation="open" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="wc: :" denied_mask="wc::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf" 8.105:3742) : operation="chown" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="w: :" denied_mask="w::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf" 8.105:3743) : operation="chmod" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="w: :" denied_mask="w::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf" 8.105:3744) : operation= "file_perm" pid=2983 parent=1 profile= "/usr/sbin/ cupsd" requested_ mask="w: :" denied_mask="w::" fsuid=0 ouid=0 name="/ etc/cups/ printers. conf"
Mar 16 09:53:57 panopticon kernel: [ 2117.122866] type=1502 audit(126872963
Mar 16 09:53:57 panopticon kernel: [ 2117.122978] type=1502 audit(126872963
Mar 16 09:53:57 panopticon kernel: [ 2117.122989] type=1502 audit(126872963
Mar 16 09:54:28 panopticon kernel: [ 2147.329908] type=1502 audit(126872966
Mar 16 09:54:28 panopticon kernel: [ 2147.329916] type=1502 audit(126872966
Mar 16 09:54:28 panopticon kernel: [ 2147.329970] type=1502 audit(126872966
Mar 16 09:54:28 panopticon kernel: [ 2147.329987] type=1502 audit(126872966
Mar 16 09:54:28 panopticon kernel: [ 2147.330006] type=1502 audit(126872966
Mar 16 09:54:28 panopticon kernel: [ 2147.330021] type=1502 audit(126872966
Mar 16 09:54:28 panopticon kernel: [ 2147.330062] type=1502 audit(126872966
~# lsb_release -a 0-ia32: core-2. 0-noarch: core-3. 0-ia32: core-3. 0-noarch: core-3. 1-ia32: core-3. 1-noarch: core-3. 2-ia32: core-3. 2-noarch: core-4. 0-ia32: core-4. 0-noarch
LSB Version: core-2.
Distributor ID: Ubuntu
Description: Ubuntu lucid (development branch)
Release: 10.04
Codename: lucid
~# dpkg -l |grep appar
ii apparmor 2.5-0ubuntu1 User-space parser utility for AppArmor
ii apparmor-profiles 2.5-0ubuntu1 Profiles for AppArmor Security policies
ii apparmor-utils 2.5-0ubuntu1 Utilities for controlling AppArmor
ii libapparmor-perl 2.5-0ubuntu1 AppArmor library Perl bindings
ii libapparmor1 2.5-0ubuntu1 changehat AppArmor library