On Sat, Sep 09, 2017 at 08:24:40PM +0200, intrigeri wrote: > 2. For a more fine-grained approach, you can unload a profile even > after the file was removed using the securityfs e.g.: > > echo -n klogd | sudo tee /sys/kernel/security/apparmor/.remove > > … successfully unloads the klogd profile on my system. > I could not find where this is documented though :/ > > Granted, none of these is obvious, and from a user-centric perspective > "there is no way" is a valid assertion :)
We usually tell people to use:
echo "klogd { }" | apparmor_parser --remove
It's not ideal but I prefer it over having to know the kernel API.
Thanks
signature.asc
Description: PGP signature
