Christian Boltz wrote: > Hello, > > Am Mittwoch, 4. Juli 2018, 01:58:19 CEST schrieb [email protected]: > > New question: Why is it that when I add > > flags=(attach_disconnected) to a nested profile, and then run > > aa-enforce to load it, the flag clause disappears from the > > profile source code? > > As John already wrote, this is a bug in aa-enforce, aa-complain and > possibly also in aa-audit. > > Regards, > Christian Boltz
Thanks to both of you. If I put the flags clause only in the nested profile that needs it and then load the profile with apparmor_parser -r instead of aa-enforce/aa-complain, the profile source file remains as I left it and it seems ok. I just need to remember not to use aa-complain/aa-enforce for that profile. Suggestion: It would be good if aa-status --verbose showed flags (other than complain/enforce which are already shown). cheers, raf -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
