[Apparmor-general] Firefox not confined (openSUSE 10.3)?
Marcus Meissner
meissner at suse.de
Fri Oct 12 16:24:50 MDT 2007
On Sat, Oct 13, 2007 at 12:20:43AM +0200, Malte Gell wrote:
> Hi there,
>
> I just installed openSUSE 10.3 from donwloadable DVD ISO. There are tons
> of new profiles.
>
> However, when I use Firefox and invoke
>
> rcapparmor status
>
> I get this:
>
> apparmor module is loaded.
> 10 profiles are loaded.
> 10 profiles are in enforce mode.
> /usr/sbin/ntpd
> /usr/sbin/identd
> /sbin/klogd
> /sbin/syslogd
> /sbin/syslog-ng
> /usr/sbin/traceroute
> /usr/sbin/nscd
> /usr/sbin/mdnsd
> /bin/ping
> /usr/sbin/avahi-daemon
> 0 profiles are in complain mode.
> 4 processes have profiles defined.
> 4 processes are in enforce mode :
> /usr/sbin/nscd (2919)
> /sbin/klogd (2097)
> /sbin/syslog-ng (2098)
> /usr/sbin/avahi-daemon (2696)
> 0 processes are in complain mode.
> 0 processes are unconfined but have a profile defined.
>
>
> So, Firefox seems not to be among the confined processes, what is wrong
> there or am I wrong?
This is correct, there is just a very small number of profiles enabled
by default.
/etc/apparmor/profiles/extras/ has some more, just copy over *firefox*
to /etc/apparmor.d/ and try it.
Ciao, Marcus
More information about the Apparmor-general
mailing list