Krikras, I'm happy that your system appears to be functioning normally
again.
I'll try to explain what you're seeing now; hopefully it will be helpful
in the future.
First, you don't strictly need to store your profiles in
/etc/apparmor.d/ -- the profile does not actually need to exist as a
file. For example, if you ever need to unload a profile by hand (very
rare, but for the sake of discussion) you can run:
  echo "/path/to/program { } " | apparmor_parser --remove
or
  echo "name_of_profile { }" | apparmor_parser --remove
So your profiles can live anywhere on disk, or not even be written to
disk, but none of the other tools handle this situation gracefully: you
lose aa-audit, aa-complain, aa-disable, aa-enforce, aa-logprof, and
aa-genprof. (The remaining tools may not handle profiles living outside the
profile directory. I know these tools will fail.) The apparmor init
script will only load profiles from /etc/apparmor.d/.
A profile in your home directory is best thought of as a test case or
backup or something similar.
When you ran apparmor_status and got this output:
| 1 processes are unconfined but have a profile defined.
| /usr/bin/pidgin (3515)
this simply means that the profile was loaded _after_ pidgin was started.
AppArmor profiles must be loaded before the confined program is started.
AppArmor does not find existing processes to confine when you load a new
profile.
And finally, for the [][][][] blocks in your password prompts, that is often an
indication that your profile isn't yet complete. I recommend running aa-logprof
to find the requested accesses that aren't yet in your profile. Since
aa-logprof reads from your log files (either /var/log/audit/audit.log or
/var/log/syslog), you need to run aa-logprof soon enough that all the messages
are in the log file itself -- aa-logprof does not inspect the log-rotated files
by default. It is usually far easier to run aa-logprof several times over a day
than waiting a day or two days "for everything". Incremental improvement is a
lot easier.
Once you no longer have log messages, that would be a good time to run
aa-enforce pidgin.
I hope this helps.
--
https://bugs.launchpad.net/bugs/1066369
Title:
AppArmor parser error, Warning from stdin (line 1), syntax error.
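The log review described in the comment above, as an added example that is not from the original comment or from the AppArmor tools: it lists the accesses still being logged for one profile, and an empty result is the point at which the comment suggests running aa-enforce. The log lines are constructed samples in the kernel audit format, and `pending_accesses` and `ready_to_enforce` are hypothetical names.

```python
import re

# Constructed sample lines in the audit format AppArmor events take in
# /var/log/syslog; the host, paths, pids and timestamps are made up.
SAMPLE_LOG = """\
Oct 15 10:01:02 host kernel: [  101.1] type=1400 audit(1350295262.101:21): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/bin/pidgin" name="/usr/share/fonts/truetype/example.ttf" pid=3515 comm="pidgin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Oct 15 10:01:03 host kernel: [  102.4] type=1400 audit(1350295263.204:22): apparmor="ALLOWED" operation="open" parent=1 profile="/usr/bin/pidgin" name="/usr/share/fonts/truetype/example.ttf" pid=3515 comm="pidgin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Oct 15 10:01:09 host kernel: [  108.9] type=1400 audit(1350295269.009:23): apparmor="ALLOWED" operation="mknod" parent=1 profile="/usr/bin/pidgin" name="/home/user/.purple/example.xml" pid=3515 comm="pidgin" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 15 10:02:00 host kernel: [  159.0] type=1400 audit(1350295320.000:24): apparmor="STATUS" operation="profile_replace" name="/usr/bin/pidgin" pid=3600 comm="apparmor_parser"
Oct 15 10:02:30 host CRON[3700]: (root) CMD (example job)
"""

# key="quoted value" or key=bare_value pairs, as they appear in audit records.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def pending_accesses(log_text, profile):
    """Map each path to the permission letters still being logged for `profile`.

    Complain-mode events are logged as ALLOWED and enforce-mode events as
    DENIED; both mean the profile has no rule for the access yet.
    """
    pending = {}
    for line in log_text.splitlines():
        if "apparmor=" not in line:
            continue  # not an AppArmor audit record
        fields = {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}
        if fields.get("apparmor") not in ("ALLOWED", "DENIED"):
            continue  # e.g. STATUS records for profile load/replace
        if fields.get("profile") != profile or "name" not in fields:
            continue
        # Repeated events for the same path collapse into one entry.
        pending.setdefault(fields["name"], set()).update(fields.get("requested_mask", ""))
    return pending


def ready_to_enforce(log_text, profile):
    """True when the given log text holds no outstanding events for `profile`."""
    return not pending_accesses(log_text, profile)


if __name__ == "__main__":
    for path, perms in sorted(pending_accesses(SAMPLE_LOG, "/usr/bin/pidgin").items()):
        print(f"{path} {''.join(sorted(perms))}")
```
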