"AppArmor has denied" test is fragile
Originally created by @intrigeri on #9924 (Redmine)
features/pidgin.feature:91
fails for me: it says that AppArmor has not
denied access; I’ve done the same test manually and it worked at least
once.
I think that it’s because of audit_printk_skb: 69 callbacks suppressed
, because if I retry by hand after taking control of
TailsToaster, I can sometimes make the line appear in syslog, and
sometimes not.
Not sure how to fix that, perhaps by silencing some of the deny logging that we don’t care about, to ensure that whatever is useful is actually logged? Or temporarily reconfiguring whatever suppresses these callbacks (rsyslog? the kernel audit subsystem?) in the test suite so that it stops doing that?
Feature Branch: bugfix/9924-apparmor-has-denied-step-is-fragile