Package: logwatch Version: 7.4.0+svn20120502rev103-1 Tags: patch Forwarded: https://sourceforge.net/tracker/?func=detail&aid=3614056&group_id=312875&atid=1316826
Hi, i had many unmatched entries while using apparmor and logwatch on my wheezy system like: type=1400 audit(1369519203.141:259049): apparmor="ALLOWED" operation="exec" parent=3733 profile="/usr/sbin/dovecot//null-1c//null-1d" name="/usr/lib/dovecot/pop3-login" pid=24634 comm="dovecot" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="/usr/sbin/dovecot//null-1c//null-1d//null-d12" type=1400 audit(1369627891.522:447576): apparmor="ALLOWED" operation="capable" parent=1 profile="/usr/sbin/dovecot//null-1c//null-1d" pid=3733 comm="dovecot" capability=5 capname="kill" because "ALLOWED" is not matched at all. The attached patch fixes most of them but maybe could be optimized. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
