Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
https://bugs.launchpad.net/bugs/1784499
Title:
AppArmor treats regular NFS file access as network op
Status in apparmor package in Ubuntu:
Confirmed
Bug description:
I am using AppArmor 2.12-4ubuntu5 on Ubuntu 18.04/bionic.
I have the usr.bin.man profile enforced, and home directories in NFS.
The log excerpt copied below is the result of a single invocation of
"man ls" by an unprivileged user. (The program did display the man
page correctly to the user.)
It does not seem appropriate for AppArmor to report the man(1) program
as having attempted to contact the NFS server directly, when it only
tried to access an NFS-served file in the normal way. "man" is not a
network-aware program and the log below misleadingly implies
otherwise.
----------------
Jul 30 17:38:35 darkstar kernel: [69963.052243] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.052274] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.052297] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.052314] kauditd_printk_skb: 34
callbacks suppressed
Jul 30 17:38:35 darkstar kernel: [69963.052316] audit: type=1400
audit(1532986715.854:214): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.052323] audit: type=1400
audit(1532986715.854:215): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=802
faddr=10.24.115.84 fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.052327] audit: type=1400
audit(1532986715.854:216): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.052339] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.052363] audit: type=1400
audit(1532986715.854:217): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.052364] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.052369] audit: type=1400
audit(1532986715.854:218): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=802
faddr=10.24.115.84 fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.052386] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.052450] audit: type=1400
audit(1532986715.854:219): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.059570] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.059640] audit: type=1400
audit(1532986715.862:220): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2781 comm="man" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.061907] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.061925] audit: type=1400
audit(1532986715.862:221): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2792 comm="less" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.062006] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.062014] audit: type=1400
audit(1532986715.862:222): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2792 comm="less" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.066404] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.066434] audit: type=1400
audit(1532986715.866:223): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=2788 comm="man" laddr=X.X.X.X lport=719
faddr=Y.Y.Y.Y fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:35 darkstar kernel: [69963.066437] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.066462] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.067504] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.067535] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.067548] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.067560] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.067590] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.067622] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068322] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068338] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068454] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068493] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068525] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068704] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068733] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.068754] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.091164] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.092624] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.092822] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.093069] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.093162] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.093926] nfs: RPC call returned error
13
Jul 30 17:38:35 darkstar kernel: [69963.094128] nfs: RPC call returned error
13
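
A triage sketch for logs like the excerpt in this report, added here as an example and not part of the original bug report or of AppArmor: it rejoins hard-wrapped kernel records, counts the NFS "error 13" (EACCES) lines, and separates AppArmor network denials aimed at the NFS port from denials to any other destination, so a reviewer can tell kernel NFS transport traffic attributed to a confined task from a program opening its own connections. The function names, the sample host and the documentation-range addresses are constructed; treating fport=2049 with sock_type="stream" as NFS transport is an assumption taken from the log above.

```python
import re
from collections import Counter

NFS_PORT = 2049  # assumption: the fport seen in the report's denials

# Constructed sample in the report's format, hard-wrapped as a mail client would.
SAMPLE = """\
Jul 30 17:38:35 host kernel: [100.000001] nfs: RPC call returned error
13
Jul 30 17:38:35 host kernel: [100.000002] audit: type=1400
audit(1532986715.854:1): apparmor="DENIED" operation="sendmsg"
profile="/usr/bin/man" pid=100 comm="man" laddr=192.0.2.10 lport=719
faddr=192.0.2.20 fport=2049 family="inet" sock_type="stream" protocol=6
requested_mask="send" denied_mask="send"
Jul 30 17:38:36 host kernel: [101.000001] audit: type=1400
audit(1532986716.100:2): apparmor="DENIED" operation="connect"
profile="/usr/bin/man" pid=101 comm="man" faddr=198.51.100.7 fport=443
family="inet" sock_type="stream" protocol=6 denied_mask="connect"
"""

RECORD_START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ kernel: ")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def unwrap(text):
    """Rejoin wrapped records; a new record begins with a syslog timestamp."""
    records = []
    for line in text.splitlines():
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def triage(text):
    """Count NFS EACCES errors and split AppArmor network denials by destination."""
    out = {"nfs_eacces": 0, "nfs_transport": Counter(), "other_network": []}
    for rec in unwrap(text):
        if re.search(r"nfs: RPC call returned error 13\b", rec):  # errno 13 = EACCES
            out["nfs_eacces"] += 1
            continue
        f = {k: v.strip('"') for k, v in FIELD.findall(rec)}
        if f.get("apparmor") != "DENIED" or "fport" not in f:
            continue  # not an AppArmor socket denial
        if int(f["fport"]) == NFS_PORT and f.get("sock_type") == "stream":
            out["nfs_transport"][(f["profile"], f["comm"], f["operation"])] += 1
        else:
            out["other_network"].append((f["profile"], f["comm"], f["faddr"], f["fport"]))
    return out
```
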