Bugzilla – Bug 588185
AppArmor: network rule
Last modified: 2016-04-15 10:54:20 UTC
User-Agent: Mozilla/5.0 (X11; U; Linux i686; ru; rv:1.9.1.8) Gecko/20100204 SUSE/3.5.8-0.1.1 Firefox/3.5.8
I suppose that there is a bug in AppArmor 2.3.1 (bundled with openSUSE 11.2). The 'network' rule is described in the man page and the openSUSE Security Guide for 11.2, but it doesn't work for me at all. Network connections aren't blocked and there aren't any 'socket_create' messages in my /var/log/audit.log. I created threads in the forums and some users confirmed the AppArmor behavior:
http://forums.opensuse.org/applications/434684-apparmor-network-rule.html
http://forums.novell.com/novell-product-support-forums/apparmor/404069-apparmor-network-rule.html
Reproducible: Always
This is a documentation error. The kernel doesn't call security hooks for anything other than inet or inet6, and apparmor-parser denies these keywords accordingly. AppArmor itself _could_ support them, but since the hooks aren't called, it doesn't have the opportunity to do so. I'll update the manpage for factory.
Scratch that. There was a build issue with apparmor-parser that caused it to miss the domain definitions. It's a bug. Thanks for the report.
I've committed the fix for this to security:apparmor:factory, openSUSE 11.2, and SLE11 SP1. Anja, I have three fixes queued up for apparmor-parser. SR 34867
The SWAMPID for this issue is 32010. Please submit the patch and patchinfo file using this ID. (https://swamp.suse.de/webswamp/wf/32010)
Update released for: apparmor-parser, apparmor-parser-debuginfo, apparmor-parser-debugsource, apparmor-utils Products: openSUSE 11.2 (debug, i586, x86_64)
Closing as FIXED.
This is an autogenerated message for OBS integration: This bug (588185) was mentioned in https://build.opensuse.org/request/show/34867 11.2:Test / apparmor-parser