[apparmor] Specific kernel version required specific apparmor-utils version?
xoip at posteo.de
xoip at posteo.de
Fri Jul 26 12:41:28 UTC 2024
I'm testing linux 6.10.1.
apparmor-utils version is 3.0.8
auditd and apparmor are enabled.
create usr.bin.mpv profile and activate with "aa-complain usr.bin.mpv".
aa-status show its fine.
but when i want to check logs with aa-logprof.
logs are readed by i never asked to allow or denied anything.
/var/log/audit/audit.log
type=AVC msg=audit(1721996490.702:8607): apparmor="ALLOWED"
operation="recvmsg" class="net" profile="/usr/bin/mpv" pid=822
comm="mpv/vo" family="unix" sock_type="stream" protocol=0
requested_mask="r>
type=SYSCALL msg=audit(1721996490.702:8607): arch=c000003e syscall=47
success=yes exit=60 a0=3 a1=74f341ffef10 a2=40000040 a3=0 items=0
ppid=821 pid=822 auid=1000 uid=1000 gid=1000 euid=1000 suid=10>
type=PROCTITLE msg=audit(1721996490.702:8607): proctitle="mpv"
Do i need newer version of apparmor-utils?
https://gitlab.com/apparmor/apparmor/-/wikis/Kernel_Feature_Matrix
says at 5.0 kernel "no userspace requirements."
greetings xoip
More information about the AppArmor
mailing list