[apparmor] apparmor with large profile set
John Johansen
john.johansen at canonical.com
Tue Jul 18 04:01:26 UTC 2023
On 7/17/23 16:28, Alexandre Pujol wrote:
> Hi,
<< snip >>
> I am attaching the systemd logs for more details: without apparmor [4] and, with apparmor [5] enabled. They have been generated on an Archlinux based VM made with [6]. The VM can be generated as detailed in [7].
>
so there are a couple of errors that jump out at me around so larger jumps in time in the logs
Jul 10 11:51:22 aa-archlinux-gnome gnome-shell[1754]: AT-SPI: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
And org.freedesktop.systemd1 seems to be an issue, while the non-apparmor log has some failures it successfully starts the service as part of the session
Jul 10 11:52:48 aa-archlinux-gnome dbus-daemon[439]: [session uid=120 pid=439] Successfully activated service 'org.freedesktop.systemd1'
Jul 10
the apparmor log does not succeed in launching the service, throwing up about 10 more errors around it than the non-apparmor log
nothing definitive but some avenues to research
More information about the AppArmor
mailing list