On Thu, Mar 07, 2019 at 09:41:40PM +0100, intrigeri wrote: > I would suggest trying to use the AppArmorProfile= directive in the > journald unit. I suspect it'll fail because some other stuff (normally > set up by apparmor.service) is not ready yet at the time journald > starts, but it'll be interesting to know what that stuff is and
You could try amending the systemd unit file in question with: ExecStartPre=apparmor_parser --replace /etc/apparmor.d/<path_to_journald_profile> Perhaps in case the profile may not exist and you still want the journal service to start: ExecStartPre=-apparmor_parser --replace ... When the full apparmor.service unit runs, it'll try to load that profile from the binary cache, and the kernel will notice it's unchanged and skip further processing. So this shouldn't affect boot speed all that much. Of course if the journal service is started before the necessary filesystems are mounted, that's something else. Thanks
signature.asc
Description: PGP signature
