apparmor: fix quiet_denied for file rules
Global quieting of denied AppArmor generated file events is not
handled correctly. Unfortunately the is checking if quieting of all
audit events is set instead of just denied events.
Fixes: 67012e8209
("AppArmor: basic auditing infrastructure.")
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
parent
ba77f39062
commit
68ff8540cc
@ -137,7 +137,7 @@ int aa_audit(int type, struct aa_profile *profile, struct common_audit_data *sa,
|
||||
}
|
||||
if (AUDIT_MODE(profile) == AUDIT_QUIET ||
|
||||
(type == AUDIT_APPARMOR_DENIED &&
|
||||
AUDIT_MODE(profile) == AUDIT_QUIET))
|
||||
AUDIT_MODE(profile) == AUDIT_QUIET_DENIED))
|
||||
return aad(sa)->error;
|
||||
|
||||
if (KILL_MODE(profile) && type == AUDIT_APPARMOR_DENIED)
|
||||
|
Loading…
Reference in New Issue
Block a user