You can use aa-logprof and, before saving the changes, use "(v)iew Changes" or "View Changes b/w (C)lean profiles" to see the added rules and also the removed rules that are obsoleted by added rules. Afterwards, abort instead of changing the profiles ;-)
That said - maybe your idea of a tool that translates a log to a list of missing rules isn't that bad. Let me think about it for a while ;-) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1525119 Title: Cannot permit some operations for sssd To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1525119/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
