[pkg-apparmor] Bug#826218: Bug#826218: Complain still interferes
Christian Boltz
debian-bugs at cboltz.de
Sat Jun 4 16:38:46 UTC 2016
Hello,
Am Samstag, 4. Juni 2016, 15:04:04 CEST schrieb Guido Günther:
> Well, there are no DENIED messages - that's the puzzling part and the
> reason for this bug. The should be a all also contain "audit" and end
> up in dmesg so my grep expression should have caught them
Does the profile contain any deny rules?
If unsure, run
apparmor_parser -pq /etc/apparmor.d/the.profile.to.check | grep deny
(this will print out the profile with all includes merged in)
deny rules are enforced even if you switch the profile to complain mode,
and don't leave any log events behind. You might want to change them
to"audit deny" temporarily to get log events (with AUDIT).
BTW: If you switch the profile to complain mode, the messages will
contain ALLOWED instead of DENIED.
Regards,
Christian Boltz
PS: random sig ;-)
--
[AppArmor] Unlike SELinux, it does not require a PhD in computer
security to get it working... [Peter Czanik in opensuse-factory]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-apparmor-team/attachments/20160604/78f74bfd/attachment.sig>
More information about the pkg-apparmor-team
mailing list