Hi, I'm running apparmor 2.9.1, Kernel 3.16.7-24-default on openSUSE 13.2 x86_64. During my attempts to configure and enable apparmor I hit a roadblock which I can't get out of. I created a usr.sbin.httpd2-prefork profile to match the apache installation from openSUSE. ( see diff at the end, I can find nothing relevant ).
Trying to put the module into enforce mode leads to an error parsing /etc/apparmor.d/tunables/home: # aa-enforce usr.sbin.httpd2-prefork Setting /etc/apparmor.d/usr.sbin.httpd2-prefork to enforce mode. Traceback (most recent call last): File "/usr/sbin/aa-enforce", line 30, in <module> tool.cmd_enforce() File "/usr/lib/python3.4/site-packages/apparmor/tools.py", line 166, in cmd_enforce raise apparmor.AppArmorException(cmd_info[1]) apparmor.common.AppArmorException: 'AppArmor parser error for /etc/apparmor.d/usr.sbin.httpd2-prefork in /etc/apparmor.d/tunables/home at line 16: syntax error, unexpected TOK_EQUALS, expecting TOK_MODE\n' The tunables/home file is unchanged. This looks a lot like https://bugs.launchpad.net/ubuntu/+source/mysql-5.6/+bug/1487536 , but I don't have an ubuntu machine to use apport for adding more information. How can I debug/fix this issue? Thanks, Robert --- usr.sbin.apache2 2015-09-10 20:07:54.142476005 +0000 +++ usr.sbin.httpd2-prefork 2015-09-21 14:32:25.205495969 +0000 @@ -1,7 +1,8 @@ # Author: Marc Deslauriers <[email protected]> +# copied from usr.sbin.apache2 #include <tunables/global> -/usr/sbin/apache2 { +/usr/sbin/httpd2-prefork { # This profile is completely permissive. # It is designed to target specific applications using mod_apparmor, @@ -103,7 +104,4 @@ # package-specific apparmor files. #include <apache2.d> - - # Site-specific additions and overrides. See local/README for details. - #include <local/usr.sbin.apache2> } -- http://robert.muntea.nu/ -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
