Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#36501 - Systemd services and apparmor don't work together
Attached to Project:
Arch Linux
Opened by Philipp Sieweck (psi) - Monday, 12 August 2013, 09:20 GMT
Last edited by Dave Reisner (falconindy) - Monday, 12 August 2013, 11:35 GMT
Opened by Philipp Sieweck (psi) - Monday, 12 August 2013, 09:20 GMT
Last edited by Dave Reisner (falconindy) - Monday, 12 August 2013, 11:35 GMT
|
DetailsDescription: Systemd services for which an apparmor profile exists are often not enforced, because systemd starts them earlier than the apparmor service.
Known cases where that happens with predefined profiles: /usr/bin/cupsd (copied from /etc/apparmor/profiles/extras/) /usr/bin/ntpd (from apparmor-profiles package) Both services get started before the apparmor service has a chance to confine them. When restarted manually, confinement works. Additional info: * package version(s) apparmor 2.8.1-2 apparmor-libapparmor 2.8.1-2 apparmor-pam 2.8.1-2 apparmor-parser 2.8.1-2 apparmor-profiles 2.8.1-2 apparmor-utils 2.8.1-2 linux-apparmor 3.10.5 (AUR) (for utilities to work. enforcement should work with ARCH kernel, too). |
This task depends upon
Closed by Dave Reisner (falconindy)
Monday, 12 August 2013, 11:35 GMT
Reason for closing: Won't fix
Additional comments about closing: Apparmor userland utils are AUR toys and are unsupported.
Monday, 12 August 2013, 11:35 GMT
Reason for closing: Won't fix
Additional comments about closing: Apparmor userland utils are AUR toys and are unsupported.