mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 22:05:27 +00:00
Code Issues Releases Wiki Activity
Files
master
apparmor/libraries/libapparmor/testsuite/test_multi/status-filesystem-enabled.in
Christian Boltz 88595722f6 Avoid aa-notify crash on log events without operation= 
Some STATUS log events trigger a crash in aa-notify because the log
line doesn't have operation=. Examples are:

    type=AVC msg=audit(1630913351.586:4): apparmor="STATUS" info="AppArmor Filesystem Enabled" pid=1 comm="swapper/0"

    type=AVC msg=audit(1630913352.610:6): apparmor="STATUS" info="AppArmor sha1 policy hashing enabled" pid=1 comm="swapper/0"

Fix this by not looking at log events without operation=

Also add one of the example events as libapparmor testcase.

Fixes: https://gitlab.com/apparmor/apparmor/-/issues/194
2021-09-06 16:54:33 +02:00

2 lines
124 B
Plaintext
Raw Permalink Blame History

audit.log:type=AVC msg=audit(1630913351.586:4): apparmor="STATUS" info="AppArmor Filesystem Enabled" pid=1 comm="swapper/0"
Reference in New Issue View Git Blame Copy Permalink