[Apparmor-general] aa-genprof: UNHANDLED
Seth Arnold
seth.arnold at suse.de
Fri Jun 15 16:11:06 MDT 2007
On Fri, Jun 15, 2007 at 04:45:16PM -0300, Andreas Hasenack wrote:
> I'm trying aa-genprof on /sbin/rpcbind (portmapper substitute) but get
> nothing out of it. When enabling debug, I see that all events are
> tagged as UNHANDLED:
>
> (...)
> UI_Info: text: Reading log entries from /var/log/messages.
> UI_Info: text: Updating AppArmor profiles in /etc/apparmor.d.
> UNHANDLED: Jun 15 16:40:53 pandora kernel: audit(1181936453.840:61):
> PERMITTING w access to /var/run/rpcbind.lock (15782 profile
> /sbin/rpcbind active /sbin/rpcbind)
Andreas, try adding --with-apparmor to the audit ./configure command.
The userspace side of audit doesn't automatically include all the
strings for the message id ranges.
Let me know if this doesn't do it, and I'll dig harder ;)
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://forge.novell.com/pipermail/apparmor-general/attachments/20070615/d292a3fc/attachment.pgp
More information about the Apparmor-general
mailing list