AppArmor initialization code should open a file in apparmorfs instead of stat'ing it

Bug #1238267 reported by Tyler Hicks on 2013-10-10
Affects          Status   Importance   Assigned to   Milestone
dbus (Ubuntu)             High         Tyler Hicks
Saucy                     High         Tyler Hicks

Bug Description

When dbus-daemon is initializing the AppArmor module, the AppArmor code checks for the existence of a file in apparmorfs. If the file does not exist or can't be opened, the AppArmor mediation hooks will be disabled.

LXC shipped a change that denied access to apparmorfs (https://lists.ubuntu.com/archives/saucy-changes/2013-October/012059.html) through the use of an AppArmor denial rule. However, AppArmor does not mediate stat() so dbus-daemon doesn't detect that it cannot read files in apparmorfs.

The fix is to have dbus-daemon open() a file in apparmorfs, rather than stat() a file.

This is needed to fix failing desktop autopilot tests.

Changed in dbus (Ubuntu):
milestone: none → ubuntu-13.10
Changed in dbus (Ubuntu Saucy):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote:

This bug was fixed in the package dbus - 1.6.12-0ubuntu10

---------------
dbus (1.6.12-0ubuntu10) saucy; urgency=low

  * debian/patches/aa-mediation.patch: Attempt to open() the mask file in
    apparmorfs/features/dbus rather than simply stat() the dbus directory.
    This is an important difference because AppArmor does not mediate the
    stat() syscall. This resulted in problems in an environment where
    dbus-daemon, running inside of an LXC container, did not have the
    necessary AppArmor rules to access apparmorfs but the stat() succeeded
    so mediation was not properly disabled. (LP: #1238267)
    This problem was exposed after dropping aa-kernel-compat-check.patch
    because the compat check was an additional check that performed a test
    query. The test query was failing in the above scenario, which did result
    in mediation being disabled.
  * debian/patches/aa-get-connection-apparmor-security-context.patch,
    debian/patches/aa-mediate-eavesdropping.patch: Refresh these patches to
    accommodate the above change
 -- Tyler Hicks <email address hidden> Thu, 10 Oct 2013 10:40:26 -0700

Changed in dbus (Ubuntu Saucy):
status: Fix Committed → Fix Released