AppArmor causing multiple (minor) problems - a cautionary tale
A while ago, I noticed that AppArmor was not enabled and, being prudent, I enabled it.
Meanwhile, I had been noticing some strange failures, where things worked before. Acrobat reader would not open files from my home directory (but would open files from web sites). I could no longer click on links in emails to open web pages. I could not connect to mysql on "localhost" (but could if I specified "127.0.0.1"). I could not save an email attachment to my Windows partition. I did not link any of these things to AppArmor. Indeed I didn't link them together at all!
Today, though, I noticed some entries in /var/log/messages of the form:
Jun 25 21:45:34 linux kernel: SubDomain: REJECTING w access to /var/lib/mysql/mysql.sock (httpd2-prefork(5766) profile /usr/sbin/httpd2-prefork active /usr/sbin/httpd2-prefork)
A google search showed that this entry was from AppArmor. The "linux kernel:SubDomain: REJECTING [letter] access to..." remains constant, while the endings of the entries refer to different files and programs. There were entries which would explain each of the effects I had noticed, and disabling AppArmor restored the functions.
While none of the effects was very serious, and some of them would increase security a little (at least for an incautious user), they were inconvenient. At present, I plan to learn a bit more about configuring AppArmor before enabling it again.
Rob
Last edited by Robhogg; 07-05-2006 at 05:13 PM.
|