On Wed, Sep 17, 2025 at 12:49:26PM +0200, Stefano Brivio wrote: > [Note that you didn't answer on the ticket, I'm not sure if it's > intentional, but I'm replying to you directly in case it was. Feel free > to copy / quote my reply in public]
Opps, good catch. The discuss shall be in public.
> Could you try:
>
> 1. 'ls -l /usr/bin/pasta'
$ ls -l /usr/bin/pasta
-rwxr-xr-x 2 root root 292K Sep 11 23:47 /usr/bin/pasta*
> 2. 'file /usr/bin/pasta'
$ file /usr/bin/pasta
/usr/bin/pasta: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV),
dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2,
BuildID[sha1]=bc7ade7fef69c77ec50487ee226033e9922f1cc8, for GNU/Linux 3.2.0,
stripped
> 3. 'aa-enforce pasta', and then start it again?
Try with normal user:
$ aa-enforce pasta
Cannot write to profile directory.
Please run as a user with appropriate permissions.
ERROR: Cannot write to profile directory: /etc/apparmor.d
Try with sudo
$ sudo aa-enforce pasta
Setting /usr/bin/pasta to enforce mode.
Warning: profile pasta represents multiple programs
>
> 4. if 3. doesn't change anything, disable AppArmor altogether
> (temporarily, just for the test!) with 'aa-teardown', and try again?
It works after `aa-teardown`:
$ sudo aa-teardown
Unloading AppArmor profiles
$ pasta -- true
No interfaces with usable IPv4 routes
No interfaces with usable IPv6 routes
--
ChangZhuo Chen (陳昌倬) czchen@{czchen,debian}.org
Key fingerprint = BA04 346D C2E1 FE63 C790 8793 CC65 B0CD EC27 5D5B
signature.asc
Description: PGP signature
