[opensuse] Apparmour yast wizzard fails to see events.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have these events: cer@Telcontar:~> grep audit /var/log/messages | grep DENIED | grep -i dovecot <0.5> 2013-06-16 01:05:48 Telcontar kernel - - - [176548.548279] type=1400 audit(1371337548.983:1159): apparmor="DENIED" operation="exec" parent=1 profile="/usr/sbin/dovecot" name="/usr/bin/doveconf" pid=12892 comm="dovecot" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 <0.5> 2013-06-16 01:08:10 Telcontar kernel - - - [176689.770610] type=1400 audit(1371337690.205:1196): apparmor="DENIED" operation="exec" parent=1 profile="/usr/sbin/dovecot" name="/usr/bin/doveconf" pid=13310 comm="dovecot" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 cer@Telcontar:~> Yet YaST says there are no events. I have to set those profiles to complain, or dovecot fails. And those are not the only ones: <0.5> 2013-06-16 14:07:49 Telcontar kernel - - - [ 2131.773370] type=1400 audit(1371384469.493:259100): apparmor="DENIED" operation="capable" parent=1 profile="/usr/sbin/nscd" pid=1508 comm="nscd" pid=1508 comm="nscd" capability=36 capname="block_suspend" <0.5> 2013-06-16 14:07:50 Telcontar kernel - - - [ 2132.386954] type=1400 audit(1371384470.105:259101): apparmor="DENIED" operation="capable" parent=1 profile="/usr/sbin/nscd" pid=1508 comm="nscd" pid=1508 comm="nscd" capability=36 capname="block_suspend" <0.5> 2013-06-16 14:10:49 Telcontar kernel - - - [ 2311.509352] type=1400 audit(1371384649.228:259675): apparmor="DENIED" operation="capable" parent=1 profile="/usr/sbin/nscd" pid=1508 comm="nscd" pid=1508 comm="nscd" capability=36 capname="block_suspend" - -- Cheers Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEUEARECAAYFAlG9rKQACgkQtTMYHG2NR9XtoQCfWLbRzmrADTuqbi+Iayw8nN4F EZ0Al2DJtg3SrU9jOVQ92W+H+ZcXgII= =YPYa -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sunday 16 of June 2013 14:16:36 Carlos E. R. wrote:
I have these events:
Yet YaST says there are no events. I have to set those profiles to complain, or dovecot fails.
Try systemctl enable auditd.service, systemctl start auditd.service. aa- logprof reads the log in /var/log/audit/audit.log, not /var/log/messages.
-- Cheers
Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar)
Regards, Peter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday, 2013-06-16 at 18:32 +0300, auxsvr@gmail.com wrote:
On Sunday 16 of June 2013 14:16:36 Carlos E. R. wrote:
I have these events:
Yet YaST says there are no events. I have to set those profiles to complain, or dovecot fails.
Try systemctl enable auditd.service, systemctl start auditd.service. aa- logprof reads the log in /var/log/audit/audit.log, not /var/log/messages.
Ahhh! Either YaST or systemd forgot to do this. It works now. Had to update the dovecot profile two times, and restart it, or pine got stuck reading. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlG95mcACgkQtTMYHG2NR9V6dQCfV9rznAyg3omBk7zvY/TRlRIE /bcAn0+ZbECLy5srNzCvuNLrarr+tlm0 =OOXZ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/16/2013 12:23 PM, Carlos E. R. wrote:
Ahhh! Either YaST or systemd forgot to do this. It works now.
It is YAST that forgets things, it needs love ;) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-06-20 at 02:11 -0400, Cristian Rodríguez wrote:
On 06/16/2013 12:23 PM, Carlos E. R. wrote:
Ahhh! Either YaST or systemd forgot to do this. It works now.
It is YAST that forgets things, it needs love ;)
Indeed, the flagship is flooded. I know friends, using Debian I believe, that despise openSUSE because of yast, can not stand the sight of it because they say they can not change things without yast medling. On the contrary, openSUSE lovers love it because of YaST. No Yast, no love... - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlHCvVMACgkQtTMYHG2NR9XlxwCeM/3jnTlxThRbT9YMkJrfk00v wMUAoI6N3WAazhmkP+yd0lE7+SXDCIGj =hMC6 -----END PGP SIGNATURE-----
participants (3)
-
auxsvr@gmail.com -
Carlos E. R. -
Cristian Rodríguez