[apparmor] Missing /sys/kernel/security/apparmor
Justin Dick
Justin.Dick at vizio.com
Tue Oct 29 22:28:42 UTC 2019
Hello all -
I'm trying to enable snapd on an embedded device, and looking into getting apparmor support sorted out. I'm working with kernel 3.10 and AFAIK have everything set up properly in the config. After boot, /sys/module/apparmor/parameters/enabled is 'Y', but /sys/kernel/security/ is completely empty. I've tried booting with no explicit flags set in the kernel boot parameters (relying on the kernel config defaults), and with setting "security=apparmor apparmor=1". Nothing seems to help.
Any ideas from anyone? I'm pasting the relevant entries in /proc/config.gz below.
Thanks, all!
Justin
-sh-3.2# cat /proc/config.gz | gzip -d | grep SECURITY
CONFIG_EXT4_FS_SECURITY=y
# CONFIG_SECURITY_DMESG_RESTRICT is not set
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_NETWORK_XFRM is not set
CONFIG_SECURITY_PATH=y
# CONFIG_SECURITY_SELINUX is not set
# CONFIG_SECURITY_SMACK is not set
# CONFIG_SECURITY_TOMOYO is not set
CONFIG_SECURITY_APPARMOR=y
CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
# CONFIG_SECURITY_YAMA is not set
CONFIG_DEFAULT_SECURITY_APPARMOR=y
# CONFIG_DEFAULT_SECURITY_DAC is not set
CONFIG_DEFAULT_SECURITY="apparmor"
-sh-3.2# ls /sys/kernel/security/
-sh-3.2# cat /sys/module/apparmor/parameters/enabled
Y
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20191029/bd095790/attachment.html>
More information about the AppArmor
mailing list