On 04/09/2013 01:58 AM, Aaron Lewis wrote: > Hi John! > > On 01:38 Tue 09 Apr , John Johansen wrote: >> On 04/08/2013 10:57 PM, Aaron Lewis wrote: >>> Hi, >>> >>> I'm running Arch with 3.8.6. kernel, and I got it patched with 2.8.1 >>> releases. >>> >>> But aa-status got errors, >>> >>> apparmor module is loaded. >>> apparmor filesystem is not mounted. >>> >>> Any ideas? >>> >>> P.S securityfs is mounted, mount shows: >>> >>> securityfs on /sys/kernel/security type securityfs (rw,relatime) >>> >> aaron what patches are applied? Is this a stock 3.8 kernel? > > The patch set for 3.6, and I modified the code a bit to make the patch > work (no functionality change) > > The 3.8.6 kernel with grsec patch. > >> >> What is the value returned from >> >> cat /sys/module/apparmor/parameters/enabled >> > > Says 'N' > > But I have a `security=apparmor` in /proc/cmdline, so that's no longer > suitable? > No that should still apply. There are a couple of other configs that could cause apparmor to not register.
if apparmor is built with the config SECURITY_APPARMOR_BOOTPARAM_VALUE=0 then even if security=apparmor is set apparmor will be disabled, and can only be enabled by setting apparmor=1 in boot loaders kernel cmdline. So you can try this without even having to rebuild the kernel. If security= isn't set then the default lsm is used what ever that is set to (shouldn't apply in this case). -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
