Hi.

It seems that this "problem" is solved. After installing the 16.04 LTS Release and doing some tests with various AppArmor rules etc., it turned out that these two rules fixed this issue:

  deny capability sys_ptrace,
  deny ptrace,

However, the netstat(8) utility in the 16.04 LTS Release, used with the '-p' option, produced different log entries. For example:

  [ 2272.884332] audit: type=1400 audit(1494264517.023:78): apparmor="DENIED" operation="ptrace" profile="/bin/netstat" pid=3544 comm="netstat" requested_mask="trace" denied_mask="trace" peer="unconfined"

And so on. More info can be found here:
<https://lists.ubuntu.com/archives/apparmor/2017-May/010744.html>

I hope that this issue is really solved/fixed.

Best regards.

** Summary changed:

- [profile] netstat(8): ptrace and many DENIED messages (target=*).
+ [profile] netstat(8): using '-p' option produces many ptrace-related DENIED entries in log files.

--
https://bugs.launchpad.net/bugs/1653347

Title:
  [profile] netstat(8): using '-p' option produces many ptrace-related DENIED entries in log files.
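
An added example, not part of the original message or of the AppArmor project's code: a small parser that tallies AppArmor DENIED audit records by profile, operation, denied mask and peer, so the ptrace entries netstat produces can be counted across a log before and after a profile change. The first sample line is the entry quoted in the message; the other sample lines and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Sample input: line 1 is the entry quoted in the message above;
# lines 2-4 are constructed for this example.
SAMPLE_LOG = """\
[ 2272.884332] audit: type=1400 audit(1494264517.023:78): apparmor="DENIED" operation="ptrace" profile="/bin/netstat" pid=3544 comm="netstat" requested_mask="trace" denied_mask="trace" peer="unconfined"
[ 2272.884401] audit: type=1400 audit(1494264517.023:79): apparmor="DENIED" operation="ptrace" profile="/bin/netstat" pid=3544 comm="netstat" requested_mask="trace" denied_mask="trace" peer="unconfined"
[ 2272.990000] audit: type=1400 audit(1494264517.130:80): apparmor="DENIED" operation="open" profile="/usr/bin/example" name="/etc/example.conf" pid=3550 comm="example" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[ 2273.000000] usb 1-1: new high-speed USB device number 2 using xhci_hcd
"""

# AppArmor events are logged as audit type 1400 (AVC), followed by key=value pairs.
AUDIT_RE = re.compile(r'audit: type=1400 audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): (?P<body>.*)')
# A value is either double-quoted or a bare token without whitespace.
FIELD_RE = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S+))')


def parse_apparmor(line):
    """Return the fields of one AppArmor audit line as a dict, or None."""
    m = AUDIT_RE.search(line)
    if m is None:
        return None
    rec = {key: quoted or bare for key, quoted, bare in FIELD_RE.findall(m.group("body"))}
    if "apparmor" not in rec:
        return None
    rec["timestamp"] = float(m.group("ts"))
    rec["serial"] = int(m.group("serial"))
    if "pid" in rec:
        rec["pid"] = int(rec["pid"])
    return rec


def summarize_denials(text, operation=None):
    """Count DENIED records by (profile, operation, denied_mask, peer)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_apparmor(line)
        if rec is None or rec["apparmor"] != "DENIED":
            continue
        if operation is not None and rec.get("operation") != operation:
            continue
        key = (rec.get("profile"), rec.get("operation"), rec.get("denied_mask"), rec.get("peer"))
        counts[key] += 1
    return counts


if __name__ == "__main__":
    for (profile, op, mask, peer), n in summarize_denials(SAMPLE_LOG, "ptrace").most_common():
        print(f"{n:4d}  profile={profile} operation={op} denied_mask={mask} peer={peer}")
```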
