Citát Sylvain Leroux :
Thanks azur,
On 11/01/2020 08:25, azu...@pobox.sk wrote:
just put this in /etc/apparmor.d/local/usr.bin.thunderbird :
owner @{HOME}/.signature.d/** r,
My issue is I don't want to change the system configuration.
This isnt' possible. That file is used to local
Hi,
just put this in /etc/apparmor.d/local/usr.bin.thunderbird :
owner @{HOME}/.signature.d/** r,
azur
Citát Sylvain Leroux :
Hi everyone,
I'm a seasoned Linux administrator but I have little prior experience
with AppArmor. FWIW, I already have asked this question on the
SuperUser
Citát Arkadiusz Miśkiewicz :
On Tuesday 06 of March 2018, azu...@pobox.sk wrote:
Hi,
i'm trying to allow users to run applications like ps or htop while
seeing only their own processes. Htop, for example, needs read
permission to /proc//cmdline BUT when a process changes uid
Hi,
i'm trying to allow users to run applications like ps or htop while
seeing only their own processes. Htop, for example, needs read
permission to /proc//cmdline BUT when a process changes uid from
root to user, this happens:
- directory /proc// is correctly owned by user
- file
Citát John Johansen :
On 12/07/2017 02:00 PM, azu...@pobox.sk wrote:
Hi,
i have this rule in my profile:
owner /etc/passwd r,
Problem is, that application is running under lots of different
UIDs and all of them are trying to access /etc/passwd (which is not
Hi,
i have this rule in my profile:
owner /etc/passwd r,
Problem is, that application is running under lots of different UIDs
and all of them are trying to access /etc/passwd (which is not needed,
only master process, running under root, needs it). How to get rid of
the noise in the logs?
Citát Seth Arnold :
On Wed, Aug 24, 2016 at 09:10:35PM +0200, azu...@pobox.sk wrote:
>On Wed, Aug 24, 2016 at 10:46:49AM +0200, azu...@pobox.sk wrote:
>> owner=fred
can i, somehow, speed up the implementation? To financially sponsor it for
example?
Not that i
Citát Seth Arnold :
On Wed, Aug 24, 2016 at 10:46:49AM +0200, azu...@pobox.sk wrote:
owner=fred
owner=1001
owner=(fred)
owner=(fred george)
owner=(fred 1001)
Is this still not supported? If not, when it will be? Is support missing
only in userspace tools or
Hi,
this is written in AppArmor wiki (
http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference ):
===
extended ownership tests (not currently supported)
If the optional equal operator is used then, the test is not against
the euid/fsuid but that the object has the same uid as
Hi,
i'm trying to create some kind of RBAC system for web applications using
apparmor + mod_apparmor (Apache web server). mod_apparmor is able to assing
different hats for different URIs, which is kinda cool. The problem is that i
want to use the same hats for different users/domains
Hi,
does apparmor supports nested child profiles or child profiles inside hats? I'm
asking because i'm having problems with execution using 'cx' permission inside
a hat. I'm unable to create a child profile directly inside hat because of this
error:
apparmor_parser: Unable to replace test.
Hi,
is there a way how can i deny symlinks creation? Thank you.
azur
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
On 08/07/2013 05:29 AM, azurIt wrote:
Hi,
i'm trying to use mod_apparmor in Apache but every request is creating new
profile inside kernel, which looks like this:
/usr/lib/apache2/mpm-itk/apache2//DEFAULT_URI//null-1001
/usr/lib/apache2/mpm-itk/apache2//DEFAULT_URI//null-1003
Hi,
i'm having problems with audit rule modifier - it's just not
working when used alone. I'm trying to enable only logging with
this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting
permission?
I mean logging of an access AND
Hi,
i'm having problems with audit rule modifier - it's just not
working when used alone. I'm trying to enable only logging with
this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting
permission?
I mean logging of an access AND
Hi,
i'm having problems with audit rule modifier - it's just not working when used
alone. I'm trying to enable only logging with this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting permission?
I mean logging of an access AND granting
Hi,
i'm having problems with audit rule modifier - it's just not working when used
alone. I'm trying to enable only logging with this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting permission?
I mean logging of an access AND granting
Hi,
i'm having problems with audit rule modifier - it's just not working
when used alone. I'm trying to enable only logging with this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting
permission?
I mean logging of an access AND
Hi,
i'm having problems with audit rule modifier - it's just not working
when used alone. I'm trying to enable only logging with this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting
permission?
I mean logging of an access AND
Hi,
i'm having problems with audit rule modifier - it's just not working when
used alone. I'm trying to enable only logging with this:
audit /home/** a,
audit /home/** w,
By only logging you mean logging of an access but not granting permission?
I mean logging of an access AND granting
20 matches
Mail list logo