Bug 158657 - errno 13 in change_hat library
Summary: errno 13 in change_hat library
Status: RESOLVED FIXED
Alias: None
Product: SUSE LINUX 10.0
Classification: openSUSE
Component: AppArmor (show other bugs)
Version: unspecified
Hardware: 32bit Linux
: P5 - None : Major
Target Milestone: ---
Assignee: Dominic W Reynolds
QA Contact: Dominic W Reynolds
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-03-16 15:25 UTC by Wojciech Chojnowski
Modified: 2006-04-24 12:43 UTC (History)
1 user (show)

See Also:
Found By: Customer
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Wojciech Chojnowski 2006-03-16 15:25:41 UTC 
program: apache 2.0.54 with MPM
apparmor: devel version.
sys: fedora core 4.

I added module apparmor to apache 2.0.
When apache call change_hat module, this return error in line:
        ret = write(fd, buf, len); // return -1
errno = 13
This problem write log to syslog:

Mar 16 11:47:25 micro kernel: SubDomain: subdomain_setprocattr: Attempt by foreign task httpd(27962) [user 400] to changehat of task httpd(27960)

This problem occurs with 2 virtual domains;
one -> ImmDefaultHatName some.domain
other -> ImmDefaultHatName some.other.domain

and without above lines in configs of virtual domain.

hardware:
2 x opteror 244 (x86 - 32bit mode)
Comment 1 Seth R Arnold 2006-04-07 23:43:04 UTC 
http://forge.novell.com/modules/xfcontent/private.php/apparmor/Development%20-%20April%20Snapshot/libapparmor-2.0-6288.tar.gz

Wojtech, thanks for the report; this was caused by a misunderstanding between us and the kernel about the meaning of /proc/self. Please try this tarball and let us know how it works out -- we've never tried any MPM except prefork. (I don't expect it to work.)
Comment 2 Wojciech Chojnowski 2006-04-24 12:43:17 UTC 
All works ok :-)
I checked this in 32bit and 64bit mode - 2 x opteron