Re: No "type=APPARMOR_ALLOWED/DENIED" logs

To: debian-user@lists.debian.org
Subject: Re: No "type=APPARMOR_ALLOWED/DENIED" logs
From: didier.gaumet@gmail.com
Date: Mon, 6 Jul 2020 14:42:24 -0700 (PDT)
Message-id: <[🔎] ce96f371-7245-4c2c-88b6-8cf7b043fe42o@googlegroups.com>
In-reply-to: <ApGxb-FS-11@gated-at.bofh.it>
References: <[🔎] MBVNNHW--3-2@tuta.io> <Apibw-2pz-9@gated-at.bofh.it> <[🔎] c438e9ba-83a7-4ab6-8646-4dfcbbc00323o@googlegroups.com> <[🔎] MB_xDLz--3-2@tuta.io>

OK, I have read a little bit :-)

Now I understand better the difference between enforce (for production) and complain (for testing/setup) modes and that they are mutually exclusive.

man aa-genprof seems to indicate that the complain mode is set only during the generation of the profile: when aa-genprof exits the profile is in enforce mode.

man -s7 apparmor seems to indicate (DEBUGGING section) that for the DENY messages to appear, you have to "Turn off deny audit quieting" and for the ALLOW messages to appear you have to "Force audit mode"

Good luck :-)

Reply to:

Follow-Ups:
- Re: No "type=APPARMOR_ALLOWED/DENIED" logs
  - From: l0f4r0@tuta.io

References:
- No "type=APPARMOR_ALLOWED/DENIED" logs
  - From: l0f4r0@tuta.io
- Re: No "type=APPARMOR_ALLOWED/DENIED" logs
  - From: didier.gaumet@gmail.com
- Re: No "type=APPARMOR_ALLOWED/DENIED" logs
  - From: l0f4r0@tuta.io

Prev by Date: Re: Very old hardware...
Next by Date: Firefox non-ESR update needed
Previous by thread: Re: No "type=APPARMOR_ALLOWED/DENIED" logs
Next by thread: Re: No "type=APPARMOR_ALLOWED/DENIED" logs
Index(es):
- Date
- Thread