> Hello, > > Am Montag, 16. Oktober 2017, 21:05:16 CEST schrieb Malte Gell: >> Profile: /usr/bin/foobar >> Operation: ptrace >> Denied: trace >> Logfile: /var/log/audit/audit.log
> AFAIK you use openSUSE Tumbleweed, so you probably have Kernel 4.13.x. Tumbleweed no, kernel 4.13 yes. > With Kernel 4.13, support for the "ptrace" rule type was added (actually Ah yes, ptrace, did the trick. > The easiest way is to use aa-logprof - it already supports ptrace rules > and will propose a matching, as-strict-as-possible rule. By all that manual creating I totally forgot the other AA tools.... > Finally, 4.15 [1] will support two more rule types - dbus and unix. That explains why getattr troubles ;-) Thanks -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
