I'm not using Kerberos here but I found the profiles from apparmor- profiles to still lack a few bits in Precise. I've attached the patch to get a working profile. The only thing that didn't work in my testing is SFTP when using "Subsystem sftp internal-sftp".
** Patch added: "Add missing capabilities/rules for usr.sbin.sshd" https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/228229/+attachment/3473592/+files/usr.sbin.sshd.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/228229 Title: sshd profile does not work out-of-the-box To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/228229/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
