mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity

logparser: add support for change_onexec logs

Browse Source 
Add support for change_onexec logs by converting it to change_profile.
Fix associated test.

Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>
This commit is contained in:
Maxime Bélair 2025-07-24 13:28:40 +02:00
parent 49cb0fe248
commit 2448655188
3 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile
View File

@ -1,2 +1,4 @@
profile unconfined { profile unconfined {
change_profile -> system_tor,
} }

2
utils/apparmor/logparser.py
View File

@ -359,7 +359,7 @@ class ReadLog:
self.hashlog[aamode][full_profile]['change_hat'][e['name2']] = True self.hashlog[aamode][full_profile]['change_hat'][e['name2']] = True
return return
elif e['operation'] == 'change_profile': elif e['operation'] == 'change_profile' or e['operation'] == 'change_onexec':
ChangeProfileRule.hashlog_from_event(self.hashlog[aamode][full_profile]['change_profile'], e) ChangeProfileRule.hashlog_from_event(self.hashlog[aamode][full_profile]['change_profile'], e)
return return

1
utils/test/test-libapparmor-test_multi.py
View File

@ -166,7 +166,6 @@ log_to_profile_skip = [
# tests that cause an empty log # tests that cause an empty log
log_to_profile_known_empty_log = [ log_to_profile_known_empty_log = [
'change_onexec_lp1648143', # change_onexec not supported in logparser.py yet (and the log is about "no new privs" error)
'ptrace_garbage_lp1689667_1', # no denied= in log 'ptrace_garbage_lp1689667_1', # no denied= in log
'ptrace_no_denied_mask', # no denied= in log 'ptrace_no_denied_mask', # no denied= in log
'unconfined-change_hat', # unconfined trying to change_hat, which isn't allowed 'unconfined-change_hat', # unconfined trying to change_hat, which isn't allowed