| 2015-09-24 22:30:26 |
Tyler Hicks |
description |
The max profile name length is supposed to be (PATH_MAX - 1). However, there seems to be some sort of unintended limitation in place that is restricting it to 253 chars:
$ name=a; while [ $? -eq 0 ]; do prof="profile $name {}"; echo "$prof" | sudo apparmor_parser -qa && echo "$prof" | sudo apparmor_parser -qR && name=${name}a; done; echo "$name" | wc -m
apparmor_parser: Unable to add "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa". Unknown error (36): File name too long
253
That command should result in the value of (PATH_MAX - 1) being printed. |
The max profile name length is supposed to be (PATH_MAX - 1). However, there seems to be some sort of unintended limitation in place that is restricting it to 253 chars:
$ name=a; while [ $? -eq 0 ]; do prof="profile $name {}"; echo "$prof" | sudo apparmor_parser -qa && echo "$prof" | sudo apparmor_parser -qR && name=${name}a; done; echo "$name" | wc -m
apparmor_parser: Unable to add "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa". Unknown error (36): File name too long
253
That command should result in the value of (PATH_MAX - 1) being printed.
$ apparmor_parser -V
AppArmor parser version 2.9.1
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
$ uname -a
Linux boyd 3.19.0-28-generic #30-Ubuntu SMP Mon Aug 31 15:52:51 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux |
|
