[apparmor] Apparmor profile enforce issue, when changing from root to non-root
Seth Arnold
seth.arnold at canonical.com
Tue Sep 1 03:26:52 UTC 2020
On Mon, Aug 31, 2020 at 10:34:46PM -0400, swarna latha wrote:
> I am getting the complete set of libraries used by my process with status=
> AUDIT, right from /etc/ld.so.cache. It looks to me as though the profile is
> not applied, though i have rules allowing the /etc/ld.so cache access.
>
> As i have these file entries in my profile, i am not getting
> ALLOWED/DENIED, hence not able to regenerate the profile with these events.
Hello Swarna, so, is it the case that your system works fine when the
'capability,' line is in the profile, but when you remove it and reload
the profile, the application doesn't start *and* doesn't log anything
different?
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20200901/71bf168e/attachment.sig>
More information about the AppArmor
mailing list