Hmm, I was scp'ing binaries around and I seem to have broken
apparmor_parser on that box at the moment (glibc conflicts - I copied a
build from the wrong box by mistake).
I'm travelling over the weekend and early next week - I'll upload it as
soon as I have a chance to get that working again.
--
I've attached a patch against the 2.9 branch that's working for me. I'm
allowing rbind as well as bind because that's the part of the actual
call that caused me to discover this. It looks like an equivalent change
could be made against master as well:
http://bazaar.launchpad.net/~apparmor-
dev/app
John,
Sure thing. Here's my /sys/kernel/security/apparmor/features:
capability caps domain file mount namespaces network policy
rlimit
The profile dump is attached. Thanks for having a look! I was just
starting to trawl through the source to see if it was something I could
patch myself, b
I just hit this myself with AppArmor 2.9.1 in Debian wheezy. Has this
been fixed upstream? I've attached a minimal reproduction.
** Attachment added: "minimal reproduction: application and apparmor profile"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1272028/+attachment/4456972/+fi
4 matches
Mail list logo
