Comment 6 for bug 1408833

To most easily reproduce this,

1. install lxc and libvirt-bin on your host

2. Grab the testcase from comment #5, compile it twice, once as $HOME/test/aasocat and once as $HOME/test/aasocat2

3. Grab the attachmen tfrom comment #4. call it /etc/apparmor.d/home.$user.test.aa_socat, and change the path listed in the file to /home/$user/test/aa_socat

4. load the policy (apparmor_parser -r /etc/apparmor/home.$user.test.aa_socat)

Now when you run $HOME/test/aa_socat and type "hi there <return>", you'll see the failure. When you run $HOME/test/aa_socat2, you'll see "success". Nothing shows up in /var/log/audit/audit.log however.

Here is my terminal output:

0 ✓ serge@sl ~/test $ sudo ./aasocat2
[sudo] password for serge:
hi there
system: Success
0 ✓ serge@sl ~/test $ sudo ./aasocat
hi there
2015/01/09 14:23:47 socat[10526] E read(3, 0x1fdb9b0, 8192): Permission denied
system: Success