broken log line for exec with ubuntu kernel 3.13
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
New
|
Undecided
|
Unassigned |
Bug Description
[17:49:06] <peetaur2> is this line broken? where is the exe name? type=AVC msg=audit(
[17:49:51] <peetaur2> with openSUSE, I get a name= field there, like this. type=AVC msg=audit(
[17:50:19] <peetaur2> and maybe that is what prevents aa-logprof from working at all on Ubuntu with the backports tools
[17:55:01] <cboltz> is there a line nearby that shows what is executed?
[17:55:18] <peetaur2> no, I think that is the line ... the useful one is missing
[18:00:36] <peetaur2> version is 2.8.98-
[00:14:17] <jjohansen> cboltz: so looking at those logs something isn't right, with the way its structured I am thinking it is the audit framework in the kernel (not auditd), the audit framework adds the things like pid and comm, it looks like they have added a name field
[00:14:35] <jjohansen> the requested and denied mask both being null would be an apparmor bug
This looks like a duplicate of the (newer, but more detailed) bug 1545776