Questions tagged [apparmor]
AppArmor is a Mandatory Access Control (MAC) mechanism which can be used to confine processes on Linux systems. Use AppArmor tag in questions about AppArmor in general, AppArmor profiles or AppArmor related problems.
114 questions
1
vote
1
answer
38
views
AppArmor Weird Behavior Debian 13.1
I'm new to AppArmor. I'm trying to create a more restrictive AppArmor configuration for my plex server. I used chatgpt to walk me through this process, but it has seemingly broken my AppArmor install ...
0
votes
0
answers
21
views
Using AppArmor to allow a bunch of mounts but allow one particular source to be mounted at one path
Assume we have an AppArmor profile that allows for several paths to be used as mount points for pretty much anything:
mount -> /home/**,
mount -> /mnt/**,
Now, suppose that we want to disallow ...
1
vote
0
answers
19
views
Restricting access to all subpaths inside a folder except for one using AppArmor
To allow access to all paths in AppArmor, one uses allow file /{,**}. Now, suppose we want to deny access to all subpaths in a folder in except for one, e.g., allow access to /upper/lower but deny ...
0
votes
1
answer
121
views
How do I use AppArmor to disable the execution of specific executables from bash?
I have an AppArmor profile which allows everything except for writing to /etc/hosts. I would like to also make it impossible to execute iptables. Other than that, I want bash to behave completely ...
2
votes
1
answer
79
views
transmission-gtk spamming dmesg with messages about /proc/sys/net/ipv6/conf/all/disable_ipv6
I'm using transmission-gtk 4.1.0-beta.2 on Devuan GNU/Linux Excalibur. My dmesg log is spammed with the following kind of message:
[Jul 4 14:47] audit: type=1400 audit(1751629628.491:75895): apparmor=&...
1
vote
0
answers
70
views
How can I configure AppArmor to never log APPROVED messages in dmesg?
My dmesg is full of apparmor="ALLOWED" messages.
I want to get rid of them, and only be told in the logs about "DENIED" apparmor events.
How do I do that...
universally?
for a ...
1
vote
0
answers
110
views
Getting a large number of type=1400 apparmor=ALLOWED dmesg lines
My dmesg log is littered with the following kind of lines:
[ +0.000009] audit: type=1400 audit(1745688898.020:223710): apparmor="ALLOWED" operation="getattr" class="file"...
0
votes
1
answer
429
views
"Permission Denied" when trying to use an externally launched virtiofsd with libvirt on Ubuntu LTS 24.04
On Ubuntu LTS 24.04 Server, with a libvirt-managed QEMU virtual machine, I'm trying to use a externally-launched virtiofsd as documented in the libvirt docs, because I need to enable features, such as ...
0
votes
0
answers
191
views
Weird apparmor unix socket denial for sudo
I have a custom SSH server written in go that wraps commands called by the client in apparmor.
One of the profiles confines sudo and what commands it can call. It started failing on a proxmox backup ...
0
votes
1
answer
561
views
AppArmor message spam about Discord snap in my kernel ring buffer
So I was trying to debug some stuff, and noticed that my snap installation of Discord seems to fill my kernel ring buffer with the same request which is being "DENIED" by the AppArmor.
...
2
votes
1
answer
745
views
Debian 12 App Armor Enabled but aa-status does not work. Why?
I've installed Debian 12 Bookworm recently and, as far as I could read about a fresh installation, it comes with app-armor pre-installed by default. I'm running the command aa-status as root but it's ...
1
vote
0
answers
254
views
AppArmor deny all files except specific
I want a AppArmor profile which denies a binary access to all files except .so-files/libraries and specific directories which it need access to.
#include <tunables/global>
/home/test/rust-api/...
0
votes
2
answers
2k
views
AppArmor Error preventing removing AA, Repairing AA or install new apps with Apt
AppArmor is causing problems with my system. I have AppArmor disabled now because it was preventing me from booting. I am unable to install new apt apps. When I try anyway I get...
E: dpkg was ...
0
votes
1
answer
355
views
How to allow an application in AppArmor?
I am using redshift, which has support for custom shell scripts in hooks when certain events happen. However, these hooks are not executed because of AppArmor:
[11541.395814] audit: type=1400 audit(...
1
vote
0
answers
485
views
AppArmor issues with Libvirt
I have a fresh Ubuntu Server 22.04.3 and Debian 12.1.0 installed and updated. Along with Cockpit and Cockpit virtual machines on both tests machines.
I am getting the following errors and warning when ...