Ubuntu
apparmor package

aa-status doesn't report an application as unconfined when using path globbing

Bug #595714 reported by Jamie Strandboge on 2010-06-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	AppArmor	Triaged	Low	Unassigned
	apparmor (Ubuntu)	Triaged	Low	Unassigned

Bug Description

Binary package hint: apparmor

If I do the following:
$ sudo apparmor_parser -R /etc/apparmor.d/usr.bin.evince
$ evince &
$ sudo apparmor_parser -r /etc/apparmor.d/usr.bin.evince
$ sudo aa-status

I get:
1 processes are unconfined but have a profile defined.
/usr/bin/evince (1756)

Good.

If I do:
$ sudo apparmor_parser -R /etc/apparmor.d/usr.bin.firefox
$ firefox &
$ sudo apparmor_parser -r /etc/apparmor.d/usr.bin.firefox
$ sudo aa-status

I get:
0 processes are unconfined but have a profile defined.

This is because the firefox uses the following to define the pathname:
/usr/lib/firefox-3.5.*/firefox { ... }

aa-status should be updated to support path name globbing.

See original description

Tags:

Jamie Strandboge (jdstrand) on 2010-06-17

Changed in apparmor (Ubuntu):
status:	New → Triaged
importance:	Undecided → Low
description:	updated

Jamie Strandboge (jdstrand) on 2014-10-09

tags:

added: aa-tools

Jamie Strandboge (jdstrand) on 2014-10-10

Changed in apparmor:
importance:	Undecided → Low
status:	New → Triaged

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuapparmor package

aa-status doesn't report an application as unconfined when using path globbing

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
apparmor package