[apparmor] aa_getcon

Jeroen Ooms jeroen.ooms at stat.ucla.edu
Wed Jul 18 00:10:54 UTC 2012


I am implementing an interface to aa_getcon as described here:
http://manpages.ubuntu.com/manpages/precise/man2/aa_getcon.2.html, but
I am getting a bit stuck. This might be largely due to my lack of
experience with C, but hopefully someone can give me some pointers (or
pointers to pointers :-)

As I understand it, aa_getcon can be used to get the confinement
information for the current process. When I call it from an unconfined
process, char **con correctly contains "unconfined". However, char
**mode contains nothing? I get a 'memory not mapped' error when
trying to copy the variable mode.

When calling aa_getcon from a confined process, I always get an errno
13. I think this is permission denied. Do I need to add any special
capabilities to the profile for aa_getcon to work?


