Normally, this
1424:salvo::/usr/bin/firejail /usr/bin/telegram-desktop --
2205:salvo::/usr/bin/firejail /usr/bin/chromium
5684:salvo::/usr/bin/firejail /usr/games/steam -tcp
I am however questioning the design decision of having those audit
logs in the kernel logs, since they push out the interesting logs, and
every failure seems to be logged. If they are so important, why log
them in a place where having so many of them will delete the older
ones?
How do i reload after changing an apparmor profile?
Il giorno gio 1 nov 2018 alle ore 18:22 Reiner Herrmann
<rei...@reiner-h.de> ha scritto:
>
> On Thu, Nov 01, 2018 at 06:13:02PM +0100, Reiner Herrmann wrote:
> > Do you see anything in the profile that looks wrong and could be causing
> > those logs when it is loaded by firejail?
>
> I just saw that the firejail-default AppArmor profile contains the
> following:
>
> > ##########
> > # With ptrace it is possible to inspect and hijack running programs.
> > # Usually this
> > # is needed only for debugging. To allow ptrace, uncomment the following
> > # line.
> > ##########
> > #ptrace,
>
> @Salvo, do you still see the logs, when you uncomment ptrace here and
> reload it?
>
> Regards,
> Reiner
--
Salvo Tomaselli
"Io non mi sento obbligato a credere che lo stesso Dio che ci ha dotato di
senso, ragione ed intelletto intendesse che noi ne facessimo a meno."
-- Galileo Galilei
http://ltworf.github.io/ltworf/
