[apparmor] A mount rule doesn't work for /
John Johansen
john.johansen at canonical.com
Thu Jan 3 14:24:43 UTC 2019
On 12/21/18 6:26 PM, Mikhail Morfikov wrote:
> Most of the mount rules work just fine, but I have one that doesn't really want
> to work. Here's the log message:
>
> ---------
> [ 586.912376] audit: type=1400 audit(1545442788.976:399): apparmor="ALLOWED"
> operation="mount" info="failed flags match" error=-13 profile="systemd-shutdown"
> name="/" pid=12559 comm="(sd-remount)" flags="ro, remount, shared, relatime"
> ---------
>
> I have the following rule for it:
>
> ---------
> mount options=(ro,remount,shared,relatime) -> /,
> ---------
>
> But it seems the rule doesn't really fix the problem. So what rule should be
> used instead?
>
>
What version of the apparmor userspace are you using
apparmor_parser -V
and what kernel are you using?
More information about the AppArmor
mailing list