Apparmor profile generation, aa-genprof 28 July 2022, 13:00:17 Hi all. Installed apparmor and works as expected. But what i would wanna know as detailed as possible is how to generate a profile since programs are changing therefor apparmor profiles may need updates or rethinking.Installed audit-runit, enabled from grub 'audit=1' but when tried aa-genprof /usr/bin/mpv it asks for a syslog file. Created that file but aa-genprof does not log anything in that sylog file so i can't create any rules for mpv as example.Is apparmor so systemd dependent to the point we can't use aa-genprof or what's the trick?. Looked in extra-profiles but there's no mpv profile and all what i found looks obsolete.
Re: Apparmor profile generation, aa-genprof Reply #1 – 28 July 2022, 13:28:13 Quote from: Surf3r – on 28 July 2022, 13:00:17Hi all. Installed apparmor and works as expected. But what i would wanna know as detailed as possible is how to generate a profile since programs are changing therefor apparmor profiles may need updates or rethinking.Installed audit-runit, enabled from grub 'audit=1' but when tried aa-genprof /usr/bin/mpv it asks for a syslog file. Created that file but aa-genprof does not log anything in that sylog file so i can't create any rules for mpv as example.Is apparmor so systemd dependent to the point we can't use aa-genprof or what's the trick?. Looked in extra-profiles but there's no mpv profile and all what i found looks obsolete. I took a look at apparmor source code, and found this:Code: [Select]./profiles/apparmor.d/abstractions/base: @{run}/systemd/journal/dev-log w,My guess is that apparmor calls systemd specific commands for syslog.
Re: Apparmor profile generation, aa-genprof Reply #2 – 30 July 2022, 15:17:52 Tnx so it might mean generating a profile can be much more challenging than on soystemd distros
Topic: Apparmor profile generation, aa-genprof (Read 609 times)
previous topic - next topic
Topic: Apparmor profile generation, aa-genprof (Read 609 times)
previous topic - next topic