From 27b0a727ea394b6214eff7dfa9a91a3cfe52e6ec Mon Sep 17 00:00:00 2001
From: Christian Boltz <apparmor@cboltz.de>
Date: Mon, 12 Dec 2016 22:17:22 +0100
Subject: [PATCH] Add change_onexec log example to test_multi

Found in https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1648143 comment 1



Acked-by: John Johansen <john.johansen@canonical.com> for 2.9, 2.10, head

Acked-by: Seth Arnold <seth.arnold@canonical.com>
---
 .../test_multi/change_onexec_lp1648143.err        |  0
 .../test_multi/change_onexec_lp1648143.in         |  1 +
 .../test_multi/change_onexec_lp1648143.out        | 15 +++++++++++++++
 .../test_multi/change_onexec_lp1648143.profile    |  2 ++
 4 files changed, 18 insertions(+)
 create mode 100644 libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.err
 create mode 100644 libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in
 create mode 100644 libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out
 create mode 100644 libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile

diff --git a/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.err b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.err
new file mode 100644
index 000000000..e69de29bb
diff --git a/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in
new file mode 100644
index 000000000..7e5decb08
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.in
@@ -0,0 +1 @@
+[103975.623545] audit: type=1400 audit(1481284511.494:2807): apparmor="DENIED" operation="change_onexec" info="no new privs" error=-1 namespace="root//lxd-tor_<var-lib-lxd>" profile="unconfined" name="system_tor" pid=18593 comm="(tor)" target="system_tor"
diff --git a/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out
new file mode 100644
index 000000000..0037d5c85
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.out
@@ -0,0 +1,15 @@
+START
+File: change_onexec_lp1648143.in
+Event type: AA_RECORD_DENIED
+Audit ID: 1481284511.494:2807
+Operation: change_onexec
+Profile: unconfined
+Name: system_tor
+Command: (tor)
+Name2: system_tor
+Namespace: root//lxd-tor_<var-lib-lxd>
+Info: no new privs
+ErrorCode: 1
+PID: 18593
+Epoch: 1481284511
+Audit subid: 2807
diff --git a/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile
new file mode 100644
index 000000000..7848bac5e
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/change_onexec_lp1648143.profile
@@ -0,0 +1,2 @@
+profile unconfined {
+}