I think I'm happy that it's been fixed. I was able to figure out the
"root cause" for the troubles, so I don't need aa-genprof and aa-
logprof at all for this. It is bit bad though that there is no tool that
would just show you the rules it would generate instead of updating
profile directory.
--
The version is, as provided in the initial message,
apparmor version 2.8.95~2430-0ubuntu5.3
Dec 11 10:24:07 gw-dc01 kernel: [2214272.912766] type=1400
audit(1449822247.549:21251): apparmor="ALLOWED" operation="file_inherit"
profile="/usr/sbin/sssd//null-45" name="/var/log/sssd/ldap_child.log"
pid
Public bug reported:
I am trying to write apparmor profile to match my sssd usage,
unfortunately it seems I cannot tell sssd to permit things it needs.
apparmor version 2.8.95~2430-0ubuntu5.3
Description:Ubuntu 14.04.3 LTS
Release:14.04
The complaints in log:
Dec 11 10:24:07 gw-dc01
3 matches
Mail list logo
