[apparmor] Problem with audit rule modifier

azurIt azurit at pobox.sk
Fri Jun 28 15:36:30 UTC 2013


i'm having problems with audit rule modifier - it's just not working when used alone. I'm trying to enable only logging with this:
audit /home/** a,
audit /home/** w,

It should work according to documentation ( http://wiki.apparmor.net/index.php/QuickProfileLanguage#Rule_Modifiers ) but it's doing nothing. I was able to enable logging only with this running in complain mode:
audit deny /home/**/*.php a,
audit deny /home/**/*.php w,

Audit alone it not working. Is this a known bug? Thanks.

Kernel 3.2.47


More information about the AppArmor mailing list