[Apparmor-dev] AppArmor Kernel Module Bug
John Johansen
jjohansen at suse.de
Thu Nov 8 18:41:53 MST 2007
On Tue, Oct 23, 2007 at 02:00:50AM -0600, Bob Ziuchkovski wrote:
> Hello. I am not subscribed to this mailing list, so if you need additional
> information please reply to my e-mail address (rziuchko .A. uccs.edu).
>
> I've found that apparmor (version 2.1+993-0ubuntu3 on ubuntu gutsy) causes
> problems with xl2tpd. Every time I try to connect to a l2tpd server, xl2tpd
> crashes with a kernel dump showing the EIP is at an apparmor function:
>
> "EIP is at apparmor_socket_getpeersec_dgram+0x0/0x10 [apparmor]".
>
> It seems to be a problem with the apparmor kernel module in general, as I do
> not have any profiles defined for xl2tpd and all works fine when I
> modprobe -r apparmor. I've pasted the full output from my syslog pertaining
> to the apparmor-induced xl2tpd crashes below.
>
Bob sorry for the delay, I lost the moderation request in the sea of
spam. I am looking into it, but I have some additional questions.
What profiles are loaded?
What is launching xl2tpd?
The reason I ask is it will help establish where the error is.
There are two potential problems
- 1. the get_peersec hook is getting passed a null sock. This would
cause a crash but should not happen.
- 2. there is a profile on the xl2tpd process, which is the only
way to get into the actual apparmor code.
If you can provide any pointers for setting up xl2tpd for testing I
would be greatful.
thanks
john
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://forge.novell.com/pipermail/apparmor-dev/attachments/20071108/9cf99460/attachment.pgp
More information about the Apparmor-dev
mailing list