Re: Apparmor: 1 processes are unconfined but have a profile defined

To: debian-user@lists.debian.org
Subject: Re: Apparmor: 1 processes are unconfined but have a profile defined
From: didier gaumet <didier.gaumet@gmail.com>
Date: Mon, 2 Aug 2021 00:23:30 -0700 (PDT)
Message-id: <[🔎] 434130ce-ed6f-4b90-a35b-eac88df5f8ccn@googlegroups.com>
In-reply-to: <CHxho-6Kq-3@gated-at.bofh.it>
References: <CAMhqiMraK-5ZBCH6vCgRjcMNrkT9e7yHN7pF72ML_ipvLZPO2A@mail.gmail.com> <[🔎] CAMhqiMpOMfSJpFTuZNqYAGGr68pr2A7sPm7NVDUnvUGEJKGcAA@mail.gmail.com>

Le lundi 2 août 2021 à 06:00:05 UTC+2, Ratan Gupta a écrit :
[...]
> In my case it is not at all complaining as it is because the process is unconfined.
[...]

If I am not mistaken, the purpose of the complain mode is precisely to inform about policy violations without forbidding them (forbidding, that is the purpose of the enforce mode). So, to me, there is no contradiction between complaining and unconfined

I am not knowledgeable enough to really help you in this matter, so I would suggest you to take a look at the AppArmor doc:
- Profiling_with_tools
https://gitlab.com/apparmor/apparmor/-/wikis/Profiling_with_tools
- or Profiling_by_hand, if you prefer
https://gitlab.com/apparmor/apparmor/-/wikis/Profiling_by_hand
- AppArmorMonitoring
https://gitlab.com/apparmor/apparmor/-/wikis/AppArmorMonitoring

Good luck ;-)

Reply to:

References:
- Re: Apparmor: 1 processes are unconfined but have a profile defined
  - From: Ratan Gupta <ratankgupta31@gmail.com>

Prev by Date: Re: what binds to port
Next by Date: Re: what binds to port
Previous by thread: Re: Apparmor: 1 processes are unconfined but have a profile defined
Next by thread: Re: runc CVEs in docker.io
Index(es):
- Date
- Thread