[pkg-apparmor] Feedback on "Updating a profile in Debian’s apparmor-profiles-extra package"
u
u at 451f.org
Fri Jan 30 13:35:24 UTC 2015
Cameron Norman:
Hi,
>> As for the second question asked, maybe one of you could answer this:
>> "do you have plans on working on violation detection tool, like SUSE had
>> with YaST2, and Fedora had with setroubleshootd?".
>
> There is apparmor-notify, but last I heard there were a few bugs that
> made it imperfect in actually notifying the user (I think it works
> fine if you have auditd installed). Otherwise, simply grepping through
> /var/log/kern.log for DENIED= messages works for more in depth
> investigation.
Thanks for your answer.
I think there is a malfunctioning default configuration which makes the
auditd log unreadable:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759604
Cheers!
u.
More information about the pkg-apparmor-team
mailing list