broken log line for exec with ubuntu kernel 3.13

[17:49:06] <peetaur2> is this line broken? where is the exe name? type=AVC msg=audit(1416501701.290:5004677): apparmor="ALLOWED" operation="exec" profile="/usr/sbin/apache2///bin/dash" pid=27481 comm="sh" requested_mask="x" denied_mask="x" fsuid=33 ouid=0 target="/usr/sbin/apache2///bin/dash//null-eaae"
[17:49:51] <peetaur2> with openSUSE, I get a name= field there, like this. type=AVC msg=audit(1416490438.373:58878): apparmor="ALLOWED" operation="exec" profile="/usr/lib64/firefox/firefox.sh" name="/usr/bin/file" pid=5323 comm="firefox" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/usr/lib64/firefox/firefox.sh//null-2"
[17:50:19] <peetaur2> and maybe that is what prevents aa-logprof from working at all on Ubuntu with the backports tools
[17:55:01] <cboltz> is there a line nearby that shows what is executed?
[17:55:18] <peetaur2> no, I think that is the line ... the useful one is missing
[18:00:36] <peetaur2> version is 2.8.98-0ubuntu2+utopic.backport and kernel is 3.13.0-30-generic btw

[00:14:17] <jjohansen> cboltz: so looking at those logs something isn't right, with the way its structured I am thinking it is the audit framework in the kernel (not auditd), the audit framework adds the things like pid and comm, it looks like they have added a name field
[00:14:35] <jjohansen> the requested and denied mask both being null would be an apparmor bug