felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refractor(aa): move some test resource to the testdata dir.

Browse source
This commit is contained in:
Alexandre Pujol 2024-05-30 20:10:45 +01:00
parent 89abbae6bd
commit 4282fb336e
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
8 changed files with 25 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

37
tests/testdata/logs/audit.log vendored Normal file
View file

@ -0,0 +1,37 @@
type=BPF msg=audit(1111111111.111:1111): prog-id=60 op=LOAD
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="file_inherit" profile="kmod" pid=505701 comm="modprobe" family="unix" sock_type="stream" protocol=0 requested_mask="send receive"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="file_inherit" profile="mkinitcpio" pid=505701 comm="modprobe" family="unix" sock_type="stream" protocol=0 requested_mask="receive"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="file_inherit" profile="pacman" pid=505701 comm="modprobe" family="unix" sock_type="stream" protocol=0 requested_mask="receive"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="file_inherit" profile="pacman-hook-mkinitcpio-install" pid=505701 comm="modprobe" family="unix" sock_type="stream" protocol=0 requested_mask="receive"
type=AVC msg=audit(1111111111.111:1111): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="apparmor_parser" name="firejail-default" pid=509201 comm="apparmor_parser"
type=AVC msg=audit(1111111111.111:1111): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="apparmor_parser" name="firejail-default" pid=509200 comm="apparmor_parser"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="open" profile="aa-log" name="/sys/kernel/mm/transparent_hugepage/hpage_pmd_size" pid=509286 comm="remove-system.m" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0FSUID="user" OUID="user"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="open" profile="sysctl" name="/proc/sys/kernel/panic_on_oops" pid=509859 comm="sysctl" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0FSUID="user" OUID="root"
type=BPF msg=audit(1111111111.111:1111): prog-id=75 op=LOAD
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="signal" profile="dbus-daemon" pid=2466 comm="at-spi-bus-laun" requested_mask="receive" denied_mask="receive" signal=term peer="at-spi-bus-launcher"
type=BPF msg=audit(1111111111.111:1111): prog-id=16 op=LOAD
type=BPF msg=audit(1111111111.111:1111): prog-id=17 op=LOAD
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="open" profile="dnsmasq" name="/proc/sys/kernel/osrelease" pid=1427 comm="dnsmasq" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="open" profile="dnsmasq" name="/proc/1/environ" pid=1427 comm="dnsmasq" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="open" profile="dnsmasq" name="/proc/cmdline" pid=1427 comm="dnsmasq" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1111111111.111:1111): apparmor="STATUS" operation="profile_load" profile="apparmor_parser" name="docker-default" pid=1775 comm="apparmor_parser"
type=BPF msg=audit(1111111111.111:1111): prog-id=18 op=LOAD
type=BPF msg=audit(1111111111.111:1111): prog-id=22 op=LOAD
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="open" profile="lsb_release" name="/home/user/" pid=2737 comm="find" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000FSUID="user" OUID="user"
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="open" profile="lsb_release" name="/etc/" pid=2737 comm="find" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0FSUID="user" OUID="root"
type=BPF msg=audit(1111111111.111:1111): prog-id=23 op=LOAD
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="file_inherit" profile="chromium-chromium" name="/home/user/.local/share/gvfs-metadata/root" pid=8661 comm="chromium" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000FSUID="user" OUID="user"
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="file_inherit" profile="chromium-chromium" name="/home/user/.local/share/gvfs-metadata/root-aaabbbc0.log" pid=8661 comm="chromium" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000FSUID="user" OUID="user"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="open" profile="fusermount" name="/run/user/1000/doc/" pid=8703 comm="fusermount" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000FSUID="root" OUID="user"
type=AVC msg=audit(1111111111.111:1111): apparmor="DENIED" operation="open" profile="chrome-gnome-shell" name="/home/user/.netrc" pid=9119 comm="chrome-gnome-sh" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000FSUID="user" OUID="user"
type=BPF msg=audit(1111111111.111:1111): prog-id=26 op=LOAD
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="exec" info="no new privs" error=-1 profile="man" name="/usr/bin/preconv" pid=60755 comm="man" requested_mask="x" denied_mask="x" fsuid=1000 ouid=1000 target="man_groff" FSUID="user" OUID="user"
type=USER_AVC msg=audit(1111111111.111:1111): pid=1648 uid=102 auid=4294967295 ses=4294967295 subj=? msg='apparmor="ALLOWED" operation="dbus_method_call" bus="system" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="AddMatch" name=":1.3" mask="receive" label="dbus-daemon" peer_pid=1667 peer_label="power-profiles-daemon" exe="/usr/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?'UID="messagebus" AUID="unset" SAUID="messagebus"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="file_perm" parent=16001 profile=666F6F20626172 name="/home/foo/.bash_history" pid=17011 comm="bash" requested_mask="rw" denied_mask="rw" fsuid=0 ouid=1000
type=USER_AVC msg=audit(1111111111.111:1111): pid=1648 uid=102 auid=4294967295 ses=4294967295 subj=? msg='apparmor="ALLOWED" operation="dbus_method_call" bus="system" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="AddMatch" mask="send" name="org.freedesktop.DBus" pid=1667 label="power-profiles-daemon" peer_label="dbus-daemon" exe="/usr/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=? UID="messagebus" AUID="unset" SAUID="messagebus"
type=USER_AVC msg=audit(1111111111.111:1111): pid=1648 uid=102 auid=4294967295 ses=4294967295 subj=? msg='apparmor="ALLOWED" operation="dbus_method_call" bus="system" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="AddMatch" name=":1.4" mask="receive" label="dbus-daemon" peer_pid=1 peer_label="unconfined" exe="/usr/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?'UID="messagebus" AUID="unset" SAUID="messagebus"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="bind" profile="gnome-shell" pid=2027 comm="gnome-shell" family="unix" sock_type="stream" protocol=0 requested_mask="bind" denied_mask="bind" addr="@/tmp/.X11-unix/X1"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="file_perm" profile="gnome-session-binary" pid=1995 comm="gnome-session-b" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr="@/tmp/.ICE-unix/1995" peer_addr=none peer="gnome-shell"
Sep 6 11:23:47 xubuntu-lts kernel: [ 31.024982] audit: type=1107 audit(1111111111.111:1111): pid=1567 uid=102 auid=4294967295 ses=4294967295 subj=? msg='apparmor="ALLOWED" operation="dbus_method_call" bus="system" path="/org/freedesktop/Accounts/User1000" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name="org.freedesktop.Accounts" pid=1693 label="lightdm" peer_pid=1559 peer_label="accounts-daemon"
Sep 6 11:26:12 xubuntu-lts kernel: [ 175.272924] audit: type=1107 audit(1111111111.111:1111): pid=1567 uid=102 auid=4294967295 ses=4294967295 subj=? msg='apparmor="ALLOWED" operation="dbus_signal" bus="system" path="/org/freedesktop/Accounts/User1000" interface="org.freedesktop.Accounts.User" member="Changed" name=":1.6" mask="receive" pid=1693 label="lightdm" peer_pid=1559 peer_label="accounts-daemon"
type=AVC msg=audit(1111111111.111:1111): apparmor="ALLOWED" operation="link" class="file" profile="akonadi_maildispatcher_agent" name="/home/bob/.config/akonadi/agent_config_akonadi_maildispatcher_agent.CmJRGE" pid=19277 comm="akonadi_maildis" requested_mask="k" denied_mask="k" fsuid=1000 ouid=1000 target="/home/bob/.config/akonadi/#3029891" FSUID="user" OUID="user"

13
tests/testdata/logs/systemd.log vendored Normal file
View file

@ -0,0 +1,13 @@
{"_EXE":"/usr/bin/dbus-daemon","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_IDENTIFIER":"dbus-daemon","__REALTIME_TIMESTAMP":"1660508874368560","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","SYSLOG_FACILITY":"1","_SOURCE_REALTIME_TIMESTAMP":"1660508874363660","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_TIMESTAMP":"Aug 14 21:27:54 ","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/systemd1/unit/dev_2dloop10_2edevice\" interface=\"org.freedesktop.DBus.Introspectable\" member=\"Introspect\" mask=\"send\" name=\":1.1\" pid=2336 label=\"gnome-shell\" peer_pid=1969 peer_label=\"unconfined\"","_TRANSPORT":"syslog","SYSLOG_PID":"2134","_SYSTEMD_UNIT":"user@1000.service","_COMM":"dbus-daemon","__MONOTONIC_TIMESTAMP":"4450642","_SYSTEMD_OWNER_UID":"1000","_SYSTEMD_USER_UNIT":"dbus.service","_UID":"1000","_PID":"2134","PRIORITY":"5","_GID":"1000","_HOSTNAME":"ubuntu","_SYSTEMD_SLICE":"user-1000.slice","_AUDIT_LOGINUID":"1000","SYSLOG_RAW":"<13>Aug 14 21:27:54 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/systemd1/unit/dev_2dloop10_2edevice\" interface=\"org.freedesktop.DBus.Introspectable\" member=\"Introspect\" mask=\"send\" name=\":1.1\" pid=2336 label=\"gnome-shell\" peer_pid=1969 peer_label=\"unconfined\"\n","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_AUDIT_SESSION":"2","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=5fb1;b=b08dfa6083e7567a1921a715000001fb;m=43e952;t=5e639599a6630;x=83188ca2cb9a0a03","_SYSTEMD_USER_SLICE":"app.slice","_CAP_EFFECTIVE":"0"}
{"_PID":"2134","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/systemd1/unit/gnome_2dsession_2dwayland_40ubuntu_2etarget\" interface=\"org.freedesktop.DBus.Introspectable\" member=\"Introspect\" mask=\"send\" name=\":1.1\" pid=2336 label=\"gnome-shell\" peer_pid=1969 peer_label=\"unconfined\"","SYSLOG_IDENTIFIER":"dbus-daemon","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=5fb2;b=b08dfa6083e7567a1921a715000001fb;m=43e98d;t=5e639599a666b;x=c9cd50322836b032","SYSLOG_PID":"2134","_SYSTEMD_USER_SLICE":"app.slice","_SYSTEMD_UNIT":"user@1000.service","_AUDIT_LOGINUID":"1000","__MONOTONIC_TIMESTAMP":"4450701","__REALTIME_TIMESTAMP":"1660508874368619","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_TIMESTAMP":"Aug 14 21:27:54 ","SYSLOG_RAW":"<13>Aug 14 21:27:54 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/systemd1/unit/gnome_2dsession_2dwayland_40ubuntu_2etarget\" interface=\"org.freedesktop.DBus.Introspectable\" member=\"Introspect\" mask=\"send\" name=\":1.1\" pid=2336 label=\"gnome-shell\" peer_pid=1969 peer_label=\"unconfined\"\n","PRIORITY":"5","SYSLOG_FACILITY":"1","_TRANSPORT":"syslog","_CAP_EFFECTIVE":"0","_GID":"1000","_SOURCE_REALTIME_TIMESTAMP":"1660508874363712","_EXE":"/usr/bin/dbus-daemon","_UID":"1000","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_SYSTEMD_SLICE":"user-1000.slice","_HOSTNAME":"ubuntu","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_AUDIT_SESSION":"2","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_SYSTEMD_OWNER_UID":"1000","_SYSTEMD_USER_UNIT":"dbus.service","_COMM":"dbus-daemon"}
{"_SYSTEMD_USER_SLICE":"app.slice","_CAP_EFFECTIVE":"0","__MONOTONIC_TIMESTAMP":"15127876","SYSLOG_IDENTIFIER":"dbus-daemon","_SYSTEMD_OWNER_UID":"1000","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","SYSLOG_RAW":"<13>Aug 14 21:28:05 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/DBus\" interface=\"org.freedesktop.DBus\" member=\"RemoveMatch\" mask=\"send\" name=\"org.freedesktop.DBus\" pid=2786 label=\"nautilus\" peer_label=\"dbus-daemon\"\n","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=65a6;b=b08dfa6083e7567a1921a715000001fb;m=e6d544;t=5e6395a3d5222;x=bb43e5245930ae54","_PID":"2134","__REALTIME_TIMESTAMP":"1660508885045794","_HOSTNAME":"ubuntu","SYSLOG_PID":"2134","SYSLOG_FACILITY":"1","_SYSTEMD_USER_UNIT":"dbus.service","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_TRANSPORT":"syslog","SYSLOG_TIMESTAMP":"Aug 14 21:28:05 ","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_COMM":"dbus-daemon","_AUDIT_LOGINUID":"1000","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_SYSTEMD_SLICE":"user-1000.slice","_SOURCE_REALTIME_TIMESTAMP":"1660508885045724","_UID":"1000","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_GID":"1000","_SYSTEMD_UNIT":"user@1000.service","_EXE":"/usr/bin/dbus-daemon","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/DBus\" interface=\"org.freedesktop.DBus\" member=\"RemoveMatch\" mask=\"send\" name=\"org.freedesktop.DBus\" pid=2786 label=\"nautilus\" peer_label=\"dbus-daemon\"","PRIORITY":"5","_AUDIT_SESSION":"2"}
{"_SOURCE_REALTIME_TIMESTAMP":"1660508875210386","_TRANSPORT":"syslog","_SYSTEMD_USER_UNIT":"dbus.service","SYSLOG_PID":"2134","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","SYSLOG_IDENTIFIER":"dbus-daemon","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=6467;b=b08dfa6083e7567a1921a715000001fb;m=50c1d8;t=5e63959a73eb6;x=3e2f0ec03be78562","PRIORITY":"5","__REALTIME_TIMESTAMP":"1660508875210422","_EXE":"/usr/bin/dbus-daemon","_SYSTEMD_OWNER_UID":"1000","_SYSTEMD_USER_SLICE":"app.slice","SYSLOG_RAW":"<13>Aug 14 21:27:55 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gnome/Nautilus\" interface=\"org.gtk.Actions\" member=\"DescribeAll\" name=\":1.98\" mask=\"receive\" pid=2786 label=\"nautilus\" peer_pid=3211 peer_label=\"nautilus\"\n","_GID":"1000","_HOSTNAME":"ubuntu","_AUDIT_SESSION":"2","_CAP_EFFECTIVE":"0","_SYSTEMD_SLICE":"user-1000.slice","__MONOTONIC_TIMESTAMP":"5292504","SYSLOG_TIMESTAMP":"Aug 14 21:27:55 ","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gnome/Nautilus\" interface=\"org.gtk.Actions\" member=\"DescribeAll\" name=\":1.98\" mask=\"receive\" pid=2786 label=\"nautilus\" peer_pid=3211 peer_label=\"nautilus\"","_UID":"1000","SYSLOG_FACILITY":"1","_SYSTEMD_UNIT":"user@1000.service","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_PID":"2134","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_COMM":"dbus-daemon","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_AUDIT_LOGINUID":"1000"}
{"_CAP_EFFECTIVE":"0","_AUDIT_SESSION":"2","__REALTIME_TIMESTAMP":"1660508875210574","_SYSTEMD_USER_SLICE":"app.slice","_AUDIT_LOGINUID":"1000","SYSLOG_RAW":"<13>Aug 14 21:27:55 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gtk/Settings\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" mask=\"send\" name=\":1.84\" pid=3024 label=\"gnome-extension-ding\" peer_pid=2999 peer_label=\"gsd-xsettings\"\n","_GID":"1000","PRIORITY":"5","_SOURCE_REALTIME_TIMESTAMP":"1660508875210536","SYSLOG_IDENTIFIER":"dbus-daemon","SYSLOG_PID":"2134","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_TIMESTAMP":"Aug 14 21:27:55 ","_COMM":"dbus-daemon","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_SYSTEMD_UNIT":"user@1000.service","_TRANSPORT":"syslog","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_FACILITY":"1","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gtk/Settings\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" mask=\"send\" name=\":1.84\" pid=3024 label=\"gnome-extension-ding\" peer_pid=2999 peer_label=\"gsd-xsettings\"","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=6468;b=b08dfa6083e7567a1921a715000001fb;m=50c270;t=5e63959a73f4e;x=893876022610c36e","_SYSTEMD_OWNER_UID":"1000","__MONOTONIC_TIMESTAMP":"5292656","_SYSTEMD_USER_UNIT":"dbus.service","_PID":"2134","_EXE":"/usr/bin/dbus-daemon","_HOSTNAME":"ubuntu","_UID":"1000","_SYSTEMD_SLICE":"user-1000.slice","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service"}
{"_COMM":"dbus-daemon","SYSLOG_PID":"2134","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","__REALTIME_TIMESTAMP":"1660508875210632","SYSLOG_FACILITY":"1","_EXE":"/usr/bin/dbus-daemon","SYSLOG_IDENTIFIER":"dbus-daemon","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gtk/Settings\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" name=\":1.88\" mask=\"receive\" pid=2999 label=\"gsd-xsettings\" peer_pid=3024 peer_label=\"gnome-extension-ding\"","_UID":"1000","__MONOTONIC_TIMESTAMP":"5292714","_TRANSPORT":"syslog","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_TIMESTAMP":"Aug 14 21:27:55 ","_PID":"2134","PRIORITY":"5","SYSLOG_RAW":"<13>Aug 14 21:27:55 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gtk/Settings\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" name=\":1.88\" mask=\"receive\" pid=2999 label=\"gsd-xsettings\" peer_pid=3024 peer_label=\"gnome-extension-ding\"\n","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_SYSTEMD_OWNER_UID":"1000","_GID":"1000","_SYSTEMD_UNIT":"user@1000.service","_SYSTEMD_USER_UNIT":"dbus.service","_AUDIT_LOGINUID":"1000","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=6469;b=b08dfa6083e7567a1921a715000001fb;m=50c2aa;t=5e63959a73f88;x=5c93993eebd934c","_SYSTEMD_SLICE":"user-1000.slice","_SYSTEMD_USER_SLICE":"app.slice","_AUDIT_SESSION":"2","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_HOSTNAME":"ubuntu","_CAP_EFFECTIVE":"0","_SOURCE_REALTIME_TIMESTAMP":"1660508875210544"}
{"_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_UID":"1000","_AUDIT_SESSION":"2","_SOURCE_REALTIME_TIMESTAMP":"1660508873116974","SYSLOG_IDENTIFIER":"dbus-daemon","_COMM":"dbus-daemon","SYSLOG_RAW":"<13>Aug 14 21:27:53 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/DBus\" interface=\"org.freedesktop.DBus\" member=\"UpdateActivationEnvironment\" mask=\"send\" name=\"org.freedesktop.DBus\" pid=2175 label=\"gnome-session-binary\" peer_label=\"dbus-daemon\"\n","_SYSTEMD_USER_UNIT":"dbus.service","_HOSTNAME":"ubuntu","_CAP_EFFECTIVE":"0","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_AUDIT_LOGINUID":"1000","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_TRANSPORT":"syslog","__REALTIME_TIMESTAMP":"1660508873116986","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","__MONOTONIC_TIMESTAMP":"3199068","_PID":"2134","_SYSTEMD_OWNER_UID":"1000","_SYSTEMD_USER_SLICE":"app.slice","SYSLOG_PID":"2134","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=559d;b=b08dfa6083e7567a1921a715000001fb;m=30d05c;t=5e63959874d3a;x=b24fce16294858e3","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_EXE":"/usr/bin/dbus-daemon","_SYSTEMD_UNIT":"user@1000.service","SYSLOG_TIMESTAMP":"Aug 14 21:27:53 ","_SYSTEMD_SLICE":"user-1000.slice","SYSLOG_FACILITY":"1","_GID":"1000","PRIORITY":"5","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/DBus\" interface=\"org.freedesktop.DBus\" member=\"UpdateActivationEnvironment\" mask=\"send\" name=\"org.freedesktop.DBus\" pid=2175 label=\"gnome-session-binary\" peer_label=\"dbus-daemon\""}
{"_AUDIT_SESSION":"2","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/systemd1\" interface=\"org.freedesktop.systemd1.Manager\" member=\"SetEnvironment\" mask=\"send\" name=\"org.freedesktop.systemd1\" pid=2289 label=\"gnome-session-binary\" peer_pid=1969 peer_label=\"unconfined\"","_PID":"2134","_GID":"1000","_TRANSPORT":"syslog","_CAP_EFFECTIVE":"0","_SYSTEMD_SLICE":"user-1000.slice","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","SYSLOG_TIMESTAMP":"Aug 14 21:27:53 ","SYSLOG_FACILITY":"1","_SYSTEMD_UNIT":"user@1000.service","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_SYSTEMD_USER_UNIT":"dbus.service","_AUDIT_LOGINUID":"1000","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","__REALTIME_TIMESTAMP":"1660508873179343","SYSLOG_PID":"2134","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=55dd;b=b08dfa6083e7567a1921a715000001fb;m=31c3f1;t=5e639598840cf;x=669640969915bdb7","_SOURCE_REALTIME_TIMESTAMP":"1660508873179332","_EXE":"/usr/bin/dbus-daemon","_SYSTEMD_OWNER_UID":"1000","PRIORITY":"5","_HOSTNAME":"ubuntu","_SYSTEMD_USER_SLICE":"app.slice","_COMM":"dbus-daemon","_UID":"1000","__MONOTONIC_TIMESTAMP":"3261425","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_RAW":"<13>Aug 14 21:27:53 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/systemd1\" interface=\"org.freedesktop.systemd1.Manager\" member=\"SetEnvironment\" mask=\"send\" name=\"org.freedesktop.systemd1\" pid=2289 label=\"gnome-session-binary\" peer_pid=1969 peer_label=\"unconfined\"\n","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_IDENTIFIER":"dbus-daemon"}
{"_SYSTEMD_SLICE":"user-1000.slice","SYSLOG_RAW":"<13>Aug 14 21:27:53 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/a11y/bus\" interface=\"org.a11y.Bus\" member=\"GetAddress\" mask=\"send\" name=\"org.a11y.Bus\" pid=2807 label=\"at-spi2-registryd\" peer_pid=2321 peer_label=\"at-spi-bus-launcher\"\n","_SYSTEMD_OWNER_UID":"1000","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_GID":"1000","_SYSTEMD_USER_UNIT":"dbus.service","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=58c7;b=b08dfa6083e7567a1921a715000001fb;m=3d1a91;t=5e6395993976f;x=7672612d85202a41","SYSLOG_FACILITY":"1","_COMM":"dbus-daemon","__MONOTONIC_TIMESTAMP":"4004497","_CAP_EFFECTIVE":"0","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_TRANSPORT":"syslog","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_HOSTNAME":"ubuntu","_AUDIT_LOGINUID":"1000","_UID":"1000","_SYSTEMD_UNIT":"user@1000.service","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/a11y/bus\" interface=\"org.a11y.Bus\" member=\"GetAddress\" mask=\"send\" name=\"org.a11y.Bus\" pid=2807 label=\"at-spi2-registryd\" peer_pid=2321 peer_label=\"at-spi-bus-launcher\"","_SOURCE_REALTIME_TIMESTAMP":"1660508873922402","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","__REALTIME_TIMESTAMP":"1660508873922415","PRIORITY":"5","SYSLOG_PID":"2134","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_AUDIT_SESSION":"2","_SYSTEMD_USER_SLICE":"app.slice","_EXE":"/usr/bin/dbus-daemon","_PID":"2134","SYSLOG_IDENTIFIER":"dbus-daemon","SYSLOG_TIMESTAMP":"Aug 14 21:27:53 "}
{"_SYSTEMD_UNIT":"user@1000.service","_SYSTEMD_USER_UNIT":"dbus.service","_EXE":"/usr/bin/dbus-daemon","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","SYSLOG_FACILITY":"1","SYSLOG_IDENTIFIER":"dbus-daemon","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_SYSTEMD_SLICE":"user-1000.slice","_PID":"2134","_GID":"1000","_TRANSPORT":"syslog","_AUDIT_SESSION":"2","_COMM":"dbus-daemon","SYSLOG_RAW":"<13>Aug 14 21:27:53 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gnome/SessionManager\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" mask=\"send\" name=\":1.29\" pid=2807 label=\"at-spi2-registryd\" peer_pid=2289 peer_label=\"gnome-session-binary\"\n","SYSLOG_TIMESTAMP":"Aug 14 21:27:53 ","__REALTIME_TIMESTAMP":"1660508873925953","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=58dc;b=b08dfa6083e7567a1921a715000001fb;m=3d2863;t=5e6395993a541;x=40d5952488f76012","_HOSTNAME":"ubuntu","PRIORITY":"5","_SYSTEMD_OWNER_UID":"1000","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/gnome/SessionManager\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" mask=\"send\" name=\":1.29\" pid=2807 label=\"at-spi2-registryd\" peer_pid=2289 peer_label=\"gnome-session-binary\"","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_SOURCE_REALTIME_TIMESTAMP":"1660508873925692","_CAP_EFFECTIVE":"0","_SYSTEMD_USER_SLICE":"app.slice","__MONOTONIC_TIMESTAMP":"4008035","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","SYSLOG_PID":"2134","_AUDIT_LOGINUID":"1000","_UID":"1000"}
{"_PID":"2134","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/DBus\" interface=\"org.freedesktop.DBus\" member=\"RequestName\" mask=\"send\" name=\"org.freedesktop.DBus\" pid=2808 label=\"gjs-console\" peer_label=\"dbus-daemon\"","_EXE":"/usr/bin/dbus-daemon","_CAP_EFFECTIVE":"0","_TRANSPORT":"syslog","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","__MONOTONIC_TIMESTAMP":"4075041","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","SYSLOG_TIMESTAMP":"Aug 14 21:27:53 ","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","_SYSTEMD_USER_SLICE":"app.slice","SYSLOG_FACILITY":"1","SYSLOG_PID":"2134","_SYSTEMD_UNIT":"user@1000.service","_SYSTEMD_SLICE":"user-1000.slice","_AUDIT_LOGINUID":"1000","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_AUDIT_SESSION":"2","_SYSTEMD_USER_UNIT":"dbus.service","SYSLOG_IDENTIFIER":"dbus-daemon","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=59fa;b=b08dfa6083e7567a1921a715000001fb;m=3e2e21;t=5e6395994aaff;x=7943c0d544e18263","PRIORITY":"5","SYSLOG_RAW":"<13>Aug 14 21:27:53 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/DBus\" interface=\"org.freedesktop.DBus\" member=\"RequestName\" mask=\"send\" name=\"org.freedesktop.DBus\" pid=2808 label=\"gjs-console\" peer_label=\"dbus-daemon\"\n","_SOURCE_REALTIME_TIMESTAMP":"1660508873992950","_GID":"1000","_HOSTNAME":"ubuntu","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","__REALTIME_TIMESTAMP":"1660508873992959","_UID":"1000","_SYSTEMD_OWNER_UID":"1000","_COMM":"dbus-daemon","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0"}
{"_SYSTEMD_USER_SLICE":"app.slice","SYSLOG_RAW":"<13>Aug 14 21:27:53 dbus-daemon[2134]: apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/Notifications\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" mask=\"send\" name=\":1.37\" pid=2808 label=\"gjs-console\" peer_pid=2336 peer_label=\"gnome-shell\"\n","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_SYSTEMD_INVOCATION_ID":"a2df70e9ec4d4a02a84b116cef31a4c0","_SYSTEMD_UNIT":"user@1000.service","_PID":"2134","_TRANSPORT":"syslog","_SYSTEMD_SLICE":"user-1000.slice","__CURSOR":"s=b08dfa6083e7567a1921a715000001fb;i=5a22;b=b08dfa6083e7567a1921a715000001fb;m=3e3cf0;t=5e6395994b9ce;x=530c8e8f82a22c96","_CAP_EFFECTIVE":"0","SYSLOG_FACILITY":"1","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service","_SOURCE_REALTIME_TIMESTAMP":"1660508873996745","_AUDIT_LOGINUID":"1000","SYSLOG_PID":"2134","_UID":"1000","__MONOTONIC_TIMESTAMP":"4078832","__REALTIME_TIMESTAMP":"1660508873996750","_GID":"1000","_SYSTEMD_USER_UNIT":"dbus.service","SYSLOG_IDENTIFIER":"dbus-daemon","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","PRIORITY":"5","_HOSTNAME":"ubuntu","_SYSTEMD_OWNER_UID":"1000","_BOOT_ID":"b08dfa6083e7567a1921a715000001fb","_COMM":"dbus-daemon","SYSLOG_TIMESTAMP":"Aug 14 21:27:53 ","_EXE":"/usr/bin/dbus-daemon","_MACHINE_ID":"b08dfa6083e7567a1921a715000001fb","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_method_call\" bus=\"session\" path=\"/org/freedesktop/Notifications\" interface=\"org.freedesktop.DBus.Properties\" member=\"GetAll\" mask=\"send\" name=\":1.37\" pid=2808 label=\"gjs-console\" peer_pid=2336 peer_label=\"gnome-shell\"","_AUDIT_SESSION":"2"}
{"_COMM":"dbus-daemon","_PID":"2115","_SYSTEMD_OWNER_UID":"1000","SYSLOG_PID":"2115","_SYSTEMD_UNIT":"user@1000.service","_UID":"1000","SYSLOG_TIMESTAMP":"Sep 23 19:08:23 ","_BOOT_ID":"9dc82bed576d498f9024ff85684b30d4","__MONOTONIC_TIMESTAMP":"6010664","_SYSTEMD_SLICE":"user-1000.slice","PRIORITY":"5","_TRANSPORT":"syslog","_AUDIT_SESSION":"2","_SOURCE_REALTIME_TIMESTAMP":"1663956503914987","_SYSTEMD_USER_UNIT":"dbus.service","__CURSOR":"s=9a5c536c5f2d404ea40e4c6853a2f95a;i=46022;b=9dc82bed576d498f9024ff85684b30d4;m=5bb728;t=5e95c105669f5;x=5d3603dc8eb47b68","_EXE":"/usr/bin/dbus-daemon","_SYSTEMD_INVOCATION_ID":"11c46c6e705b43db94390fb84ebfec51","MESSAGE":"apparmor=\"ALLOWED\" operation=\"dbus_bind\" bus=\"session\" name=\"org.gtk.vfs.Metadata\" mask=\"bind\" pid=2696 label=\"gvfsd-metadata\"","_SELINUX_CONTEXT":"dbus-daemon (complain)\n","_CMDLINE":"/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only","__REALTIME_TIMESTAMP":"1663956503914997","_HOSTNAME":"ubuntu","_CAP_EFFECTIVE":"0","_AUDIT_LOGINUID":"1000","_MACHINE_ID":"5ae7ab47ad014f699b6b60833dfad879","_SYSTEMD_USER_SLICE":"app.slice","_GID":"1000","SYSLOG_IDENTIFIER":"dbus-daemon","SYSLOG_RAW":"<13>Sep 23 19:08:23 dbus-daemon[2115]: apparmor=\"ALLOWED\" operation=\"dbus_bind\" bus=\"session\" name=\"org.gtk.vfs.Metadata\" mask=\"bind\" pid=2696 label=\"gvfsd-metadata\"\n","SYSLOG_FACILITY":"1","_SYSTEMD_CGROUP":"/user.slice/user-1000.slice/user@1000.service/app.slice/dbus.service"}

43
tests/testdata/string.aa vendored Normal file
View file

@ -0,0 +1,43 @@
# Simple test profile for the AppArmorProfileFile.String() method
abi <abi/4.0>,
alias /mnt/usr -> /usr,
include <tunables/global>
@{exec_path} = @{bin}/foo @{lib}/foo
profile foo @{exec_path} xattrs=(security.tagged=allowed) flags=(complain attach_disconnected) {
include <abstractions/base>
include <abstractions/nameservice-strict>
set rlimit nproc <= 200,
capability dac_read_search,
capability dac_override,
network inet stream,
network inet6 stream,
mount fstype=fuse.portal options=(rw rbind) @{run}/user/@{uid}/ -> /, # failed perms check
umount @{run}/user/@{uid}/,
signal receive set=term peer=at-spi-bus-launcher,
ptrace read peer=nautilus,
unix (send receive) type=stream addr=@/tmp/.ICE-unix/1995 peer=(label=gnome-shell, addr=none),
dbus bind bus=session name=org.gnome.*,
dbus receive bus=system path=/org/freedesktop/DBus
interface=org.freedesktop.DBus
member=AddMatch
peer=(name=:1.3, label=power-profiles-daemon),
/opt/intel/oneapi/compiler/*/linux/lib/*.so./* rm,
@{PROC}/@{pid}/task/@{tid}/comm rw,
@{sys}/devices/@{pci}/class r,
include if exists <local/foo>
}