On 6/22/21 5:50 PM, Seth Arnold wrote: > On Fri, Jun 18, 2021 at 12:56:10PM +0530, Ratan Gupta wrote: >> root@abc:~# systemctl status apparmor >> * apparmor.service - AppArmor initialization >> Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor >> preset: enabled) >> Active: inactive (dead) >> >> *Condition: start condition failed at Thu 1970-01-01 00:00:14 UTC; 51 years >> 5 months ago `- ConditionSecurity=apparmor was not met* > > Hello Ratan, I'm not entirely certain about this condition, I get > lost in the systemd sources trying to find where these conditions > are populated. Part of the equation is the value of the file > /sys/module/apparmor/parameters/enabled -- try: > > namei -l /sys/module/apparmor/parameters/enabled > cat /sys/module/apparmor/parameters/enabled > > and see what the results are, it should look something like: > > f: /sys/module/apparmor/parameters/enabled > drwxr-xr-x root root / > dr-xr-xr-x root root sys > drwxr-xr-x root root module > drwxr-xr-x root root apparmor > drwxr-xr-x root root parameters > -r--r--r-- root root enabled > > Y >
on more recent kernels is also very useful cat /sys/kernel/security/lsm and what is the value of CONFIG_LSM -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
