After updating the kernel from 4.12 -> 4.13, some of my programs stopped working, even though they have profiles in the "complain mode". Here's an example of a message that appears in the system log:
AVC apparmor="ALLOWED" operation="exec" info="no new privs" error=-1 profile="/bin/app_1" name="/bin/app_2" pid=60616 comm="app_1" requested_mask="x" denied_mask="x" fsuid=104 ouid=0 target="/bin/app_2" According to this log, app_1 has its profile and it wanted to execute app_2. The app_1 profile has the following rule: /bin/app_2 rPUx, Before upgrading the kernel, everything was fine, but now (even in the complain mode), the app doesn't work well -- it simply stopped working at all, and only removing the profiles can make it work again. So what is wrong in this case? It has the permission to execute the app_2, but it looks like that it doesn't work anymore. -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
