[apparmor] [profile] /etc/cron.daily/logrotate: updated version.
daniel curtis
sidetripping at gmail.com
Tue Dec 20 20:20:48 UTC 2016
Hi
Please, forgive me that I'm writing message, one by one, but I've decided
to test logrotate profile without rules for a /tmp directory. Honestly;
I've never saw such files: logrot* or file* etc. So, I removed them, reload
logrotate profile (via apparmor_parser(8) utility) and AppArmor (via
/etc/init.d/ directory) and everything seems to be OK. Log files contains
something like this:
* kern.log file:
Dec 20 21:04:29 t4 kernel: [31424.923648] audit_printk_skb: 60 callbacks
suppressed
Dec 20 21:04:29 t4 kernel: [31424.923652] type=1400
audit(1482264269.153:46): apparmor="STATUS" operation="profile_replace"
name="/etc/cron.daily/logrotate" pid=4337 comm="apparmor_parser"
* syslog file:
Dec 20 21:04:29 t4 kernel: [31424.923648] audit_printk_skb: 60 callbacks
suppressed
Dec 20 21:04:29 t4 kernel: [31424.923652] type=1400
audit(1482264269.153:46): apparmor="STATUS" operation="profile_replace"
name="/etc/cron.daily/logrotate" pid=4337 comm="apparmor_parser"
What do you think; rules related to /tmp directory, can be removed from a
logrotate profile? I'm sorry that I haven't checked this before. (I hope,
that there will be no problems after computer restart. I can not check it
now, but profile and AppArmor was already reloaded/restarted, right?)
Best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161220/74375f92/attachment.html>
More information about the AppArmor
mailing list