On 12/08/2017 08:20 AM, Viacheslav Salnikov wrote: > Hello, > > First of all, I googled and experimented. Didn't work out so well. > > I want to ensure that communication through unix socket is monitored by > apparmor. > What should I do to make this happen? >
As Seth mentioned you will need a kernel, and userspace that supports unix socket mediation. AppArmor 2.11 (latest release) supports unix socket rules. The Ubuntu kernels have supported unix socket mediation in some form since 14.10 The patch does not currently exist in the upstream kernel but there is an out of tree patchset available, in the kernel-patches/ directory of the userspace project. You can find it in the release tarball, or gitlab.com/apparmor/apparmor you will want the v4.13 or v4.14 dir -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
