-
Komentarze dla postu: https://morfikov.github.io/post/apparmor-profilowanie-aplikacji/
-
In https://github.com/containers/common/commit/1aedc12e356cfd29a5bb54d94e9b2e09da3649ca you added the following signal rules to the AppArmor profile:
```
# Allow certain signals from OCI runtime…
-
Executing in the enforce mode
```
mount /dev/sda2 /root/mnt/test
```
prints
```
fuse: mount failed: Permission denied
```
Log:
```
apparmor="ALLOWED" operation="file_inherit" class…
-
-
```
Hi.
Please add apparmor (http://apparmor.wiki.kernel.org/)
status reading support (at least):
# cat /proc/29752/attr/current
/usr/sbin/httpd.prefork//HAT_owner_22753 (enforce)
which means tha…
-
I would like to apply the `/etc/apparmor.d/enroot` that is found on the `kind` host to the worker nodes. I can see that from a worker node that `/sys/module/apparmor/parameters/enabled` is set to `Y` …
mbana updated
3 months ago
-
## repro
**Step 1:** mount and work with FUSE inside sysbox containers:
```
docker run --cap-add SYS_ADMIN --security-opt=apparmor=unconfined --device /dev/fuse --runtime=sysbox-runc -it gabri…
-
**Description**
libvirtd on the hypervisor restarts every 10 minutes under the user 'oneadmin,' while there is already a process running under the root user.
```
root 8590 0.6 0.0 1632864 47432 ? Ssl…
-
platform: Ubuntu 14.10 desktop x64
related apps installed: apparmor, apparmor-docs, apparmor-notify, apparmor-profiles, apparmor-utils
run: sudo tlsdate -V
The output in the terminal appears correct…
-
I was trying to use LXC/LXD and got the following error:
```
$ sudo grep -A 3 'Incomplete AppArmor support' /var/log/lxd/ubuntu-64/lxc.log
lxc 1454291081.339 WARN lxc_apparmor - lsm/a…