aa-notify insists on admin group - even for root
Bug #1364665 reported by
Christian Boltz
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Medium
|
Unassigned |
Bug Description
From a comment I just added to https:/
If running aa-notify as "real" root (not user+sudo), it should skip the group check. A quick look at the code indicates that this is the plan, but there seems to be a bug somewhere that lets this planned behaviour fail.
Changed in apparmor: | |
importance: | Undecided → Medium |
status: | New → Triaged |
tags: | added: aa-tools |
To post a comment you must log in.
Starting with AppArmor 2.13, the default notify.conf no longer has the group restriction and allows everybody to run aa-notify. Well, everybody who can read the audit.log ;-)