[apparmor] trouble confining sshd

Seth Arnold seth.arnold at gmail.com
Tue Mar 29 11:02:06 UTC 2011


On Tue, Mar 29, 2011 at 3:38 AM, John Johansen
<john.johansen at canonical.com> wrote:
>> Is complain mode expected to work?
> yes it should
> seth can you enable debug
>  echo 1 > /sys/module/apparmor/parameters/debug

The strangest looking thing in the log is the length of a profile name:
profile="/usr/sbin/sshd//null-1d9//null-1da//null-1e1//null-1e2//null-1e3//null-1e5//null-1e6//null-1e7"

But I couldn't find any messages that weren't ALLOW messages. So I'm
confused. I hope you've got
a better crystal ball than I do. :)

Thanks John!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: audit.log.gz
Type: application/x-gzip
Size: 40344 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110329/b00e62f3/attachment-0001.bin>


More information about the AppArmor mailing list