[apparmor] apparmor cache dir error messages

Mon May 17 21:50:06 UTC 2021

Hello,

Am Montag, 17. Mai 2021, 10:15:15 CEST schrieb mailinglisten at posteo.de:
> I just discovered an apparmor error message in the logs and I have no
> clue when this first appeared....
> 
> "apparmor.systemd (...) Cache: failed to add read only location
> '/usr/share/apparmor/cache', does not contain valid cache directory"
> 
> /usr/share/apparmor/cache/ actually does exist and contains a 1 year
> old subdirectory with profile files inside, as it seems.
> 
> Is this something to worry about?

Not really, it's quite harmless.

/usr/share/apparmor/cache/ contains a pre-compiled cache, typically 
shipped by a RPM or DEB package.

You'll notice that it has one or more subdirectories like 2cfa59e0.0, 
the directory name is [simplified explanation] a hash of the AppArmor 
features supported by the kernel.

In theory the packaged pre-compiled cache should match the kernel so 
that the directory actually gets used. Your error message indicates that 
there is a mismatch - did you install a non-default kernel?
(And BTW, which distribution do you use?)

> Since this subdir in the cache is year old, I guess it´s safe to
> delete?

The directory is probably part of a package you've installed [1], 
therefore I'd recommend to keep it. (Deleting it won't break AppArmor, 
but your package manager might start to complain about the missing 
files.)

Regards,

Christian Boltz

[1] on openSUSE it's part of the apparmor-profiles package
-- 
Nun liegen 70 Gigs en bloc darum und nix ist mehr mit LVM.
Ich könnte sie allenfalls per Mail an eine ungültige Adresse
verschicken und schnell partitionieren, bevor sie zurückkommen.
[Ratti in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20210517/d9dc4d4f/attachment.sig>