[apparmor] apparmor is not getting started

Ratan Gupta ratankgupta31 at gmail.com
Fri Jun 18 07:26:10 UTC 2021 

Hi Team,

It would be really helpful if you can look at the following email and guide
me what I am missing?

I am trying to enable the apparmor in the following linux,
https://github.com/openbmc/linux
<https://github.com/openbmc/openbmc/tree/master/meta-ibm/recipes-kernel/linux>

I pulled the http://git.yoctoproject.org/cgit/cgit.cgi/meta-security layer
and pulled the apparmor from the meta-security.

My kernel is built with the following option flags to enable the
apparmor(Highlighted in *BOLD*)

CONFIG_PCI=y
CONFIG_PCIEPORTBUS=y
CONFIG_PCI_DEBUG=y
CONFIG_PCI_STUB=y
CONFIG_PCI_IOV=y
CONFIG_PCI_PRI=y
CONFIG_PCIE_ASPEED=y
CONFIG_SCSI=y
CONFIG_BLK_DEV_SD=y
CONFIG_CHR_DEV_SG=y
CONFIG_USB_NET_DRIVERS=y
CONFIG_SENSORS_ADT7475=y
CONFIG_USB_UHCI_HCD=y
CONFIG_USB_STORAGE=y
CONFIG_USB_ETH=y
CONFIG_MSDOS_FS=y
CONFIG_VFAT_FS=y
CONFIG_FAT_DEFAULT_UTF8=y
CONFIG_SENSORS_ADT7475=y

CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
CONFIG_SECURITY_PATH=y
*CONFIG_SECURITY_APPARMOR=y*

*CONFIG_SECURITY_APPARMOR_HASH=yCONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y*

*CONFIG_DEFAULT_SECURITY="apparmor"CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1*
CONFIG_AUDIT=y
define KFEATURE_COMPATIBILITY all

root at abc:~# aa-status
apparmor not present.


root at abc:~#

root at abc:~# apparmor_status
apparmor not present.
root at abc:~#

root at abc:~# systemctl status aaparmor
Unit aaparmor.service could not be found.
root at abc:~# systemctl status apparmor
* apparmor.service - AppArmor initialization
     Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor
preset: enabled)
     Active: inactive (dead)

*Condition: start condition failed at Thu 1970-01-01 00:00:14 UTC; 51 years
5 months ago             `- ConditionSecurity=apparmor was not met*
       Docs: man:apparmor(7)
             http://wiki.apparmor.net/

Jan 01 00:00:14 abc systemd[1]: Condition check resulted in AppArmor
initialization being skipped.

Regards
Ratan Gupta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20210618/d9319ad9/attachment.html>

More information about the AppArmor mailing list