On 10/20/20 9:12 AM, swarna latha wrote: > Hi, > > We are using apparmor to generate profile for a video application running in > container. > > with apparmor in complaint mode, we see the video is not streaming, and we > are not getting any apparmor logs. if we disable the apparmor profile, we see > video streaming. > > Can you please let us know the reason for this behaviour... is it due to any > permission issue or performance issue... > > if it is due to permission issue, why we are not getting apparmor logs in > this case. >
It is likely a permission issue but it is possible other parts of the kernel are interacting with apparmor what is your kernel version? As root can you enable debug mode, echo 0> /sys/module/apparmor/parameters/debug this will give some logging output with extra info for so special cases. and can youturn off audit silencing echo -n "noquiet" /sys/module/apparmor/parameters/audit this turns off deny rules silencing of denials. You can toggle these values live and do it one at a time if you like. -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor