On Fri, 31 May 2019, Ian wrote: > The only thing outstanding is some trouble I run into after the initramfs > chroot transition but before the apparmor service starts: > > May 31 12:10:55 1546-w-dev audit[5162]: AVC apparmor="ALLOWED" > operation="exec" info="profile transition not found" error=-13 > profile="init-sys > temd" name="/usr/bin/unshare" pid=5162 comm="(spawn)" > requested_mask="x" denied_mask="x" fsuid=0 ouid=0 > target="/usr/bin/unshare" > May 31 12:10:54 1546-w-dev audit[5004]: AVC apparmor="ALLOWED" > operation="exec" info="profile transition not found" error=-13 > profile="init-sys > temd" name="/usr/bin/unshare" pid=5004 comm="(spawn)" > requested_mask="x" denied_mask="x" fsuid=0 ouid=0 > target="/usr/bin/unshare"
Notice it is /usr/bin/unshare here, but you mention below that '/usr/sbin/unshare' exists, but what you pasted looks correct. Is this a typo in the email or somewhere else? > The /usr/sbin/unshare profile exists: > > root@1546-w-dev:/etc/apparmor.d# cat usr.bin.unshare > profile usr.bin.unshare /usr/bin/unshare > flags=(complain,attach_disconnected) { > #include <local/whitelist> > } -- Jamie Strandboge | http://www.canonical.com
signature.asc
Description: PGP signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor