[apparmor] Confinement inheritance with ix
Seth Arnold
seth.arnold at canonical.com
Fri Aug 14 22:30:10 UTC 2020
On Sat, Aug 15, 2020 at 12:09:55AM +0200, Jonas Große Sundrup wrote:
> The executable in question, in whose profile the ix-confinement did not
> work, was in fact not the executable, but a symlink to it, which I
> didn't directly notice. While htop will then note the process via its
> *executed* name, aka the name of the symlink, AppArmor triggers only
> for the *actual* executable. After realizing this and adapting the
> profiles accordingly, everything now works smoothly according to the
> documentation. :)
Oh, excellent, thanks for reporting back.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20200814/efcc0061/attachment.sig>
More information about the AppArmor
mailing list