[Apparmor-general] logprof doesn't merge rwl and k rules
Christian Boltz
apparmor at cboltz.de
Thu Sep 4 12:56:25 MDT 2008
Hello,
another issue I just found out: logprof doesn't always merge rules.
This happens at least on rwl + k rules.
(server running openSUSE 11.0)
Using the "view changes" feature of logprof, I got the following diff:
--- /tmp/YExp9qp80A 2008-09-04 20:41:35.000000000 +0200
+++ /tmp/oECsEpwnRy 2008-09-04 20:41:35.000000000 +0200
@@ -29,6 +29,7 @@
capability sys_tty_config,
+
/bin/bash rix,
/dev/random r,
/etc/apache2/*.conf r,
@@ -93,6 +94,7 @@
/usr/share/snmp/mibs/.index rw,
/usr/share/ssl/openssl.cnf r,
/var/cache/php5-eaccelerator/** w,
+ owner /var/lib/php5/session_mm_* k,
owner /var/lib/php5/session_mm_* rwl,
/var/lock/httpd2.lock.* wl,
/var/log/apache2/* rwl,
IMHO the following lines
+ owner /var/lib/php5/session_mm_* k,
owner /var/lib/php5/session_mm_* rwl,
{c,sh}ould be merged to
owner /var/lib/php5/session_mm_* krwl,
Why does logprof generate an additional line instead?
Regards,
Christian Boltz
--
Warning: Sleeping Sigmonster! Please do not disturb.
More information about the Apparmor-general
mailing list