I have two apps: *app1* and *app2*, and *app1* calls/executes *app2* at some point in time.
When I create an AppArmor profile for *app2* only, the *app2* works well, and there's no problem with its confinement. When now I create an AppArmor profile for *app1* and inside of this profile I use "/bin/app2 rPUx," rule to execute *app2*, I get: apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="app2" \ name="apparmor/.null" pid=55644 comm="app2" requested_mask="r" denied_mask="r" fsuid=1 ouid=0 So when the confined *app1* calls the confined *app2*, I get the "Failed name lookup - disconnected path" error, but when the unconfined *app1* calls the confined *app2*, I don't get this error. Also when I execute the *app2* manually, I don't get the error. It looks like this situation happens only for a small amount of apps in my system, but I don't really know why. So what's wrong with it? Shouldn't the error be in all cases (the app executed manually and executed from the other confined/unconfined app)?
signature.asc
Description: OpenPGP digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
