Actions
action #111036
closed[sle][security][backlog] test should fails in apache2_changehat: as there are some unexpected "DENIED" audit records
Start date:
2022-05-13
Due date:
% Done:
100%
Estimated time:
8.00 h
Difficulty:
Description
Test should fails in apache2_changehat: as there are some unexpected "DENIED" audit records:
Such as:
http://openqa.suse.de/tests/8739779#step/apache2_changehat/132
apache2_changehat-audit.log
grep DENIED apache2_changehat-audit_log
type=AVC msg=audit(1652335921.062:792): apparmor="DENIED" operation="file_receive" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/httpd-prefork" name="run/nscd/dbmw7g9I" pid=8036 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.078:793): apparmor="DENIED" operation="open" profile="/usr/sbin/httpd-prefork" name="/etc/ssl/openssl.cnf" pid=8036 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.078:794): apparmor="DENIED" operation="file_receive" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/httpd-prefork" name="var/lib/nscd/passwd" pid=8036 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.078:795): apparmor="DENIED" operation="file_receive" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/httpd-prefork" name="var/lib/nscd/group" pid=8036 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.086:796): apparmor="DENIED" operation="signal" profile="/usr/sbin/httpd-prefork" pid=8036 comm="httpd-prefork" requested_mask="send" denied_mask="send" signal=winch peer="unconfined"
type=AVC msg=audit(1652335921.238:798): apparmor="DENIED" operation="file_receive" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/httpd-prefork" name="run/nscd/dbmw7g9I" pid=8044 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.250:799): apparmor="DENIED" operation="open" profile="/usr/sbin/httpd-prefork" name="/etc/ssl/openssl.cnf" pid=8044 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.250:800): apparmor="DENIED" operation="file_receive" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/httpd-prefork" name="var/lib/nscd/passwd" pid=8044 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335921.250:801): apparmor="DENIED" operation="file_receive" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/httpd-prefork" name="var/lib/nscd/group" pid=8044 comm="httpd-prefork" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1652335951.710:807): apparmor="DENIED" operation="mknod" profile="/usr/sbin/httpd-prefork//adminer" name="/tmp/adminer.version" pid=8051 comm="httpd-prefork" requested_mask="c" denied_mask="c" fsuid=465 ouid=465
apache2_changehat-error_log
Command line: '/usr/sbin/httpd-prefork -D SYSCONFIG -C PidFile /run/httpd.pid -C Include /etc/apache2/sysconfig.d//loadmodule.conf -C Include /etc/apache2/sysconfig.d//global.conf -f /etc/apache2/httpd.conf -c Include /etc/apache2/sysconfig.d//include.conf -D SYSTEMD -D FOREGROUND'
[Thu May 12 02:10:45.882086 2022] [apparmor:error] [pid 7934] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT'
[Thu May 12 02:10:45.882244 2022] [apparmor:error] [pid 7935] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT'
[Thu May 12 02:10:45.882395 2022] [apparmor:error] [pid 7933] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT'
[Thu May 12 02:10:45.883003 2022] [apparmor:error] [pid 7936] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT'
[Thu May 12 02:10:45.883117 2022] [apparmor:error] [pid 7932] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT'
Actions