On Fri, Dec 08, 2017 at 06:20:01PM +0200, Viacheslav Salnikov wrote:
> I want to ensure that communication through unix socket is monitored by
> apparmor.
> What should I do to make this happen?

Hello Viacheslav,
This is actually slightly complicated to answer:

- Different kernels will have different kinds of mediation available.
  Hopefully this problem will be getting better in the future, but in the
  meantime, it's best to check the advertised features of the system in
  question:

    $ cat /sys/kernel/security/apparmor/features/network/af_unix
    yes

- Different parsers will have different kinds of mediation available. The
  easy test is to try:

    $ echo "profile p { unix, }" | apparmor_parser -Qd
    Warning from stdin (line 1): apparmor_parser: cannot use or update
    cache, disable, or force-complain via stdin
    ----- Debugging built structures -----
    Name: p
    Profile Mode: Enforce
    unix (),

- Policy pinning via apparmor_parser's --features-file (-M) setting may
  influence what is actually compiled.

I hope this helps, please don't hesitate to ask for further help.
Thanks
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
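
The two checks from the message above, combined into one script. This is an added example, not part of the original post or of the AppArmor project. The function names and the FEATURES_ROOT override are hypothetical, and the dump match assumes the "unix ()," output format quoted in the message.

```shell
#!/bin/sh
# Added example: report whether the kernel and the parser both handle unix rules.
# FEATURES_ROOT defaults to the securityfs path quoted in the message; it can be
# overridden so the logic can be exercised against a constructed directory.
FEATURES_ROOT="${FEATURES_ROOT:-/sys/kernel/security/apparmor/features}"

# Succeeds when the kernel advertises af_unix mediation ("yes" in the file).
kernel_has_af_unix() {
    f="$FEATURES_ROOT/network/af_unix"
    [ -r "$f" ] && [ "$(cat "$f")" = "yes" ]
}

# Reads an `apparmor_parser -Qd` dump on stdin and succeeds when a unix rule
# is present in the built structures.
dump_has_unix_rule() {
    grep -Eq '^[[:space:]]*unix[[:space:]]*\(.*\),'
}

# Feeds the one-line test profile from the message to the installed parser.
# -Q skips the kernel load and -d dumps the built structures.
parser_has_unix() {
    command -v apparmor_parser >/dev/null 2>&1 || return 1
    echo "profile p { unix, }" | apparmor_parser -Qd 2>/dev/null | dump_has_unix_rule
}

# Prints one status line and succeeds only when both layers support unix rules.
# Pinning via --features-file (-M) is not evaluated here and can still change
# what is compiled.
unix_mediation_status() {
    k=no; p=no
    kernel_has_af_unix && k=yes
    parser_has_unix && p=yes
    echo "kernel=$k parser=$p"
    [ "$k" = yes ] && [ "$p" = yes ]
}

unix_mediation_status || echo "unix socket rules may not be mediated on this system"
```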
