[apparmor] Linked profiles in complain mode
Mark Wadham
ubuntu at rkw.io
Wed Jul 27 07:41:29 UTC 2016
Thanks Seth,

I've also got this issue which is confusing:

[298095.650794] audit: type=1400 audit(1469603593.253:31338):
apparmor="DENIED" operation="getattr" info="Failed name lookup - deleted
entry" error=-2 profile="/usr/sbin/dovecot"
name="/var/lib/dovecot/.temp.a.rkw.io.18728.38411b5110c0f7d6" pid=18728
comm="dovecot" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

yet the usr.sbin.dovecot profile explicitly allows access to files in
the /var/lib/dovecot/* path:

  /var/lib/dovecot/* rwkl,

If I trigger the same log entry in complain mode and run aa-logprof it
doesn't report anything.

Thanks,
Mark
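
An added triage sketch, not part of the original message or of AppArmor's own tooling: it parses the audit record quoted above, tests it against the quoted rule, and surfaces the record's info and error fields. The function names are hypothetical and the glob translation is a simplification that handles only `*`, `**` and `?`.

```python
import errno
import re
import shlex

# Audit record from the message above, rejoined onto one line.
RECORD = ('audit: type=1400 audit(1469603593.253:31338): apparmor="DENIED" '
          'operation="getattr" info="Failed name lookup - deleted entry" '
          'error=-2 profile="/usr/sbin/dovecot" '
          'name="/var/lib/dovecot/.temp.a.rkw.io.18728.38411b5110c0f7d6" '
          'pid=18728 comm="dovecot" requested_mask="r" denied_mask="r" '
          'fsuid=0 ouid=0')


def parse_record(line):
    """Return the key=value fields of an AppArmor audit record as a dict."""
    fields = {}
    for token in shlex.split(line):          # shlex keeps quoted values whole
        key, sep, value = token.partition("=")
        if sep and key.isidentifier():
            fields[key] = value
    return fields


def glob_to_regex(glob):
    """Simplified AppArmor glob: '*' and '?' stop at '/', '**' crosses it."""
    parts = {"**": ".*", "*": "[^/]*", "?": "[^/]"}
    body = "".join(parts.get(tok, re.escape(tok))
                   for tok in re.findall(r"\*\*|.", glob, re.S))
    return re.compile(body + r"\Z")


def triage(line, rule_glob, rule_perms):
    """Compare a denial with one file rule and report the kernel's own reason."""
    f = parse_record(line)
    path_ok = bool(glob_to_regex(rule_glob).match(f["name"]))
    perms_ok = set(f["requested_mask"]) <= set(rule_perms)
    # error= holds a negative errno value; map it to its symbolic name.
    err = errno.errorcode.get(-int(f["error"])) if "error" in f else None
    return {"rule_covers_request": path_ok and perms_ok,
            "info": f.get("info"), "errno": err}


if __name__ == "__main__":
    print(triage(RECORD, "/var/lib/dovecot/*", "rwkl"))
```

For the quoted record and rule, the rule text covers both the path and the requested mask, while the record itself reports a name-lookup failure with error=-2 (ENOENT).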