Questions tagged [app-armor]
The app-armor tag has no usage guidance.
14
questions
0
votes
0
answers
66
views
Network cant be reached in any way with weird apparmor behavior
I compile apparmor from sourc 4.0.0~alpha2-0ubuntu5 amd64, and was trying compile too gui apparmor https://github.com/jack-ullery/AppAnvil, and it's weird becouse i turned off and disable with ...
- 1
0
votes
0
answers
83
views
evince + apparmor + local fonts = some font thing failed
I made my Debian GNU/Linux 12 “bookworm” aware of locally installed fonts in a non-root partition:
$ la -la /usr/local/share/fonts/
…
lrwxrwxrwx 1 root staff 40 8. Feb 22:16 Folder1 -&...
- 149
4
votes
0
answers
786
views
AppArmor issues with Libvirt
I have a fresh Ubuntu Server 22.04.3 and Debian 12.1.0 installed and updated. Along with Cockpit and Cockpit virtual machines on both tests machines.
I am getting the following errors and warning when ...
- 41
0
votes
1
answer
362
views
How to allow an apparmor profile to create a unix socket
On Ubuntu kinetic, I get multiple DENIED operations by apparmor in /var/log/syslog such as:
operation="create" class="net" info="failed type and protocol match" error=-13 ...
1
vote
1
answer
493
views
Can environment variables be made immutable?
With the recent discovery of the Symbiote vulnerability, it is now apparent that we need a mitigation for LD_PRELOAD injection attacks and similar. One way we may be able to prevent this exploitation ...
- 1,017
1
vote
0
answers
1k
views
How do I allow firefox as a snap to run an external program?
I have custom links in my personal wiki to do routine tasks on my computer. For example, when I click the URL mysecretprotocol://launch-calculator, Firefox would run ~/.bin/run-from-firefox launch-...
- 738
1
vote
1
answer
304
views
How are Apparmor and chmod related, if at all?
I'm a beginner programmer setting up my very first Virtual Machine (Debian bullseye) and am trying to wrap my head around Apparmor. When I read it manages "network access, raw socket access, and ...
- 11
0
votes
1
answer
2k
views
Apparmor DENIED ACCESS to soft links
I am using Ubuntu 20.04 (Focal Fossa) but this issues has been happening since I am using an old Ubuntu (19.04 & 19.10). So I have 2 hard disk drives - one is an SSD (small size), the other a SATA ...
- 101
1
vote
1
answer
385
views
Why do I want to keep apparmor on my system?
I'm running a Linux desktop behind a firewall. I've been doing that for years without using apparmor; but recently I upgraded my distro and it got installed. I see its log line, and am wondering - why ...
- 9,852
1
vote
1
answer
2k
views
Could not open '/tunables/proc'
Jumped from Ubuntu 14.04 to 19.04, everything was a-ok until I started getting error messages stating that it could not open 'tunables/proc' on line 17 of 'tunables/global/':
error: cannot perform ...
- 121
1
vote
1
answer
127
views
AppArmor mod_php + MySQL
Is there any way to get AppArmor to work with Apache2 + mod_php + MySQL?
I've already tried sudo aa-complain apache2 and sudo aa-logprof, but still I get a database connection error.
- 157
5
votes
0
answers
3k
views
Libvirt: AppArmor Profiles Access Error
I have installed libvirt-daemon on a fully updated Ubuntu Server 18.04.1 LTS. When trying to execute libvirtd --listen, the following errors arise:
2018-08-24 21:03:18.641+0000: 2855: error : ...
- 153
2
votes
0
answers
677
views
AppArmor transition to subprofile - profile not found
I'm trying to write a custom AppArmor profile for a PHP application. The PHP application is run by PHP-FPM (PHP master process). I want to confine everything PHP is executing via shell_exec/exec/...
- 121
1
vote
2
answers
2k
views
Thunderbird cannot open attachments under Linux any more after updating
I use Debian unstable. After updating the system, Thunderbird suddenly cannot open attachments any more -- nothing happens at all, but the file is stored in /tmp/mozilla.... Usually, evince (or ...
- 18.1k