On Tuesday, August 16, 2011 02:43:37 PM Christian Boltz wrote:
There is aa-notify (accidently named /usr/sbin/aa-apparmor_notify in 11.4). Unfortunately it is underdocumented :-( and since it needs to start as root (for read permissions on audit.log), it should probably be started by init/systemd.
There's a bit of configuration needed, I can write about the details if someone is interested. It works (well, see next paragraph) and gives you nice desktop notifications.
Unfortunately a security feature of aa-notify strikes back - it drops privileges after startup and then can't access /var/log/audit/ anymore. I'm just sorting that out with Jamie (one of the AppArmor developers). Unless there is a patch, the workaround is chmod 755 /var/log/audit/ (or better use chgrp trusted and chmod 750) Well now, then we just need to get this working then. That will be a massive boon. Quite frankly I can't imagine why this wouldn't have been a priority. The majority of Linux/openSUSE users I know are home desktop users. In fact, I only know one person who uses a non-enterprise supported Linux in a corporate space... which is openSUSE proudly enough. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org