[apparmor] unexpected apparmor logs
apparmor at raf.org
apparmor at raf.org
Mon Mar 26 12:24:07 UTC 2018
intrigeri wrote:
> Hi,
>
> apparmor at raf.org:
> > however, there is this rule in /etc/apparmor.d/usr.sbin.apache2:
>
> > /{var/,}run/lock/apache2/mpm-accept.[0-9]* wk,
>
> > any idea why this rule is not being recognised?
>
> This does not match name="/run/lock/apache2/mpm-accept-0.22001"
>
> What about the broader:
>
> /{var/,}run/lock/apache2/mpm-accept* wk,
>
> ?
>
> Cheers,
> --
> intrigeri
hi,
ah, i see it now. there's a "-" before the 0 where the rule
is expecting a ".".
so, a better rule is:
/{var/,}run/lock/apache2/mpm-accept[.-][0-9]* wk,
to accept either a "." or "-" before the first digit.
i wonder why that rule has been fine elsewhere. e.g.
on debian8 hosts and other debian9 hosts that were
previously debian8 hosts. this is a fresh debian9
host. maybe that has something to do with it.
maybe the "-0" has been inserted where it previously
didn't appear.
cheers,
raf
More information about the AppArmor
mailing list