On Fri, Dec 08, 2017 at 06:20:01PM +0200, Viacheslav Salnikov wrote:
> I want to ensure that communication through unix socket is monitored by
> apparmor.
> What should I do to make this happen?

Hello Viacheslav,

This is actually slightly complicated to answer:

- Different kernels will have different kinds of mediation available.
  Hopefully this problem will be getting better in the future, but in the
  meantime, it's best to check the advertised features of the system in
  question:

  $ cat /sys/kernel/security/apparmor/features/network/af_unix
  yes

- Different parsers will have different kinds of mediation available.
  The easy test is to try:

  $ echo "profile p { unix, }" | apparmor_parser -Qd
  Warning from stdin (line 1): apparmor_parser: cannot use or update cache, disable, or force-complain via stdin
  ----- Debugging built structures -----
  Name: p
  Profile Mode: Enforce
  unix (),

- Policy pinning via apparmor_parser's --features-file (-M) setting may
  influence what is actually compiled.

I hope this helps, please don't hesitate to ask for further help.

Thanks

--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
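
Added example, not part of the original message or of AppArmor's own tooling: a shell check that combines the kernel and parser tests described in the reply above and reports which side, if either, lacks AF_UNIX mediation. FEATURES_DIR, PARSER and the function names are assumptions made for this example, as is treating a parser that fails or prints no unix rule as lacking support.

```shell
#!/bin/sh
# Added example: report whether this host can mediate AF_UNIX sockets.
# FEATURES_DIR and PARSER are hypothetical overrides (not AppArmor settings)
# so the check can be pointed at a different securityfs mount or parser binary.
FEATURES_DIR="${FEATURES_DIR:-/sys/kernel/security/apparmor/features}"
PARSER="${PARSER:-apparmor_parser}"

# Kernel side: the advertised feature file must exist and read "yes".
# A missing file (no securityfs, older kernel) counts as "no".
kernel_has_unix() {
    f="$FEATURES_DIR/network/af_unix"
    [ -r "$f" ] && [ "$(cat "$f")" = "yes" ]
}

# Parser side: compile a one-rule profile with -Qd (skip kernel load, dump
# built structures) and look for the unix rule in the dump.
# Assumption: a parser without unix support errors out or prints no unix rule.
parser_has_unix() {
    echo "profile p { unix, }" | "$PARSER" -Qd 2>/dev/null \
        | grep -q '^[[:space:]]*unix'
}

# Print one summary line; succeed only when both sides support unix rules.
unix_mediation_status() {
    k=no
    p=no
    if kernel_has_unix; then k=yes; fi
    if parser_has_unix; then p=yes; fi
    echo "kernel=$k parser=$p"
    [ "$k" = yes ] && [ "$p" = yes ]
}

# Run the check when invoked as: sh check_unix.sh run
if [ "${1:-}" = "run" ]; then
    unix_mediation_status
fi
```

This covers only the first two points of the reply; a features file pinned with --features-file (-M) can still change what is actually compiled.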