LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Apparmor problem
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-24-2010, 11:37 AM   #1
bartoszx
LQ Newbie
 
Registered: Sep 2010
Posts: 4

Rep: Reputation: 0
Apparmor problem

Hi List
I can't find any solution to my problem. It's hard to believe that no one met with a similar problem. Maybe I have something misconfigured.

I set up apparmor profile:
aa-genprof /usr/sbin/apache2
then I set apache2 to complain mode.
I can easly generate correct configuration with command aa-logprof.
However there are lot of apache process that are omited by aa-logprof. for example:

PHP Code:
type=APPARMOR_ALLOWED msg=audit(1287937873.591:69475):  operation="open" pid=29156 parent=29155 profile="/usr/lib/apache2/mpm-prefork/apache2//null-cd8//null-cd9" requested_mask="::r" denied_mask="::r" fsuid=33 ouid=0 name="/etc/ld.so.cache"
type=APPARMOR_ALLOWED msg=audit(1287937873.591:69476):  operation="open" pid=29156 parent=29155 profile="/usr/lib/apache2/mpm-prefork/apache2//null-cd8//null-cd9" requested_mask="::r" denied_mask="::r" fsuid=33 ouid=0 name="/lib/libc-2.11.1.so" 
Do you have idea what kind of process is /usr/lib/apache2/mpm-prefork/apache2//null-cd8//null-cd9 and how to add it to apparmor profile?
 
Old 10-30-2010, 02:51 PM   #2
mihalisla
Member
 
Registered: Jun 2006
Location: greece
Distribution: ubuntu 6.06 amd64
Posts: 132

Rep: Reputation: 15
Apparmor problem
try "/usr/lib/apache2/mpm-prefork/apache2//null-cd8//null-cd9 r,
/etc/ld.so.cache r,
/lib/libc-2.11.1.so r, "

and then reload your apparmor profile.
I don't know what this file does....
Hope that helps
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Apparmor, Still Good? helptonewbie Linux - Newbie 3 10-01-2010 04:49 AM
Feedback on AppArmor DaveInRoseville Linux - Security 1 07-30-2009 11:00 PM
AppArmor question Jordan&&&& Linux - Newbie 1 07-24-2007 06:35 AM
AppArmor and SubDomain in 10.1 Perps SUSE / openSUSE 0 08-19-2006 03:29 AM
AppArmor: a little warning Robhogg Linux - Security 1 07-06-2006 11:22 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:35 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration