Christian Boltz changed bug 925681
What Removed Added
CC   asn@cryptomilk.org
Flags   needinfo?(asn@cryptomilk.org)

Comment # 3 on bug 925681 from 
The aa_change_hat manpage (only in bzr trunk, so you don't have it yet)
describes what could possibly cause this:

  EPERM

    The calling application is not confined by apparmor, the specified
    subprofile is not a hat profile, the task is being ptraced and the
    tracing task does not have permission to trace the specified 
    subprofile or the no_new_privs execution bit is enabled.


After some discussion on upstream IRC, I'd like to ask for some more
information ;-) - please attach:
- the aa-status output in working and failing state
- the exact apparmor_parser command you use (just to be sure you are using
  the right command ;-)
- audit.log from the time this error happened (there should be a message 
  about this error)
- your apache profile
- the result of   grep -r -C3 HANDLING_UNTRUSTED_INPUT /etc/apparmor.d/

You are receiving this mail because: