aa-notify insists on admin group - even for root
Bug #1364665 reported by
Christian Boltz
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| AppArmor |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
From a comment I just added to https:/
If running aa-notify as "real" root (not user+sudo), it should skip the group check. A quick look at the code indicates that this is the plan, but there seems to be a bug somewhere that lets this planned behaviour fail.
| Changed in apparmor: | |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| tags: | added: aa-tools |
Revision history for this message
| Christian Boltz (cboltz) wrote | #1 |
| Changed in apparmor: | |
| status: | Triaged → Fix Released |
To post a comment you must log in.
Starting with AppArmor 2.13, the default notify.conf no longer has the group restriction and allows everybody to run aa-notify. Well, everybody who can read the audit.log ;-)