Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 07-05-2006, 03:32 PM   #1
Registered: Sep 2004
Location: Old York, North Yorks.
Distribution: Debian 7 (mainly)
Posts: 653

Rep: Reputation: 97
AppArmor causing multiple (minor) problems - a cautionary tale

A while ago, I noticed that AppArmor was not enabled and, being prudent, I enabled it.

Meanwhile, I had been noticing some strange failures, where things worked before. Acrobat reader would not open files from my home directory (but would open files from web sites). I could no longer click on links in emails to open web pages. I could not connect to mysql on "localhost" (but could if I specified ""). I could not save an email attachment to my Windows partition. I did not link any of these things to AppArmor. Indeed I didn't link them together at all!

Today, though, I noticed some entries in /var/log/messages of the form:

Jun 25 21:45:34 linux kernel: SubDomain: REJECTING w access to /var/lib/mysql/mysql.sock (httpd2-prefork(5766) profile /usr/sbin/httpd2-prefork active /usr/sbin/httpd2-prefork)

A google search showed that this entry was from AppArmor. The "linux kernel:SubDomain: REJECTING [letter] access to..." remains constant, while the endings of the entries refer to different files and programs. There were entries which would explain each of the effects I had noticed, and disabling AppArmor restored the functions.

While none of the effects was very serious, and some of them would increase security a little (at least for an incautious user), they were inconvenient. At present, I plan to learn a bit more about configuring AppArmor before enabling it again.


Last edited by Robhogg; 07-05-2006 at 05:13 PM.
Old 07-07-2006, 12:22 AM   #2
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
You can configure which applications AppArmour handles and which don't in the YaST configuration. There are a fixed number of applications that OpenSuSE configures automatically. I think that the commercial SuSE product includes support for the rest. You could turn off AppArmour for the applications that cause a problem until configuring them yourself. That way, for some core applications, you will still be protected in the meantime.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ld: warning drand Linux - Software 2 05-25-2010 05:03 AM
LXer: Novell's AppArmor challenges SELinux LXer Syndicated Linux News 0 02-24-2006 08:31 PM
LXer: Novell urged to build open source community around AppArmor Linux LXer Syndicated Linux News 0 01-20-2006 11:31 PM
LXer: Apparmor for Linux goes open-source LXer Syndicated Linux News 1 01-14-2006 11:06 AM
What is Novel Apparmor in SUSE Linux 10, please? cousinlucky Linux - Newbie 4 12-10-2005 08:51 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:08 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration