Comment 1 for bug 1238267

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package dbus - 1.6.12-0ubuntu10

dbus (1.6.12-0ubuntu10) saucy; urgency=low

  * debian/patches/aa-mediation.patch: Attempt to open() the mask file in
    apparmorfs/features/dbus rather than simply stat() the dbus directory.
    This is an important difference because AppArmor does not mediate the
    stat() syscall. This resulted in problems in an environment where
    dbus-daemon, running inside of an LXC container, did not have the
    necessary AppArmor rules to access apparmorfs but the stat() succeeded
    so mediation was not properly disabled. (LP: #1238267)
    This problem was exposed after dropping aa-kernel-compat-check.patch
    because the compat check was an additional check that performed a test
    query. The test query was failing in the above scenario, which did result
    in mediation being disabled.
  * debian/patches/aa-get-connection-apparmor-security-context.patch,
    debian/patches/aa-mediate-eavesdropping.patch: Refresh these patches to
    accomodate the above change
 -- Tyler Hicks <email address hidden> Thu, 10 Oct 2013 10:40:26 -0700