On 2018-06-13 11:14, cagsm wrote:
Some test machine, I can not exactly tell if apparmor was working on 42.3 where the machine came from, or even earlier 42.2 before that.
Default install, guess apparmor comes with that. Kde desktop.
AA has been installed since many years, but perhaps not enabled by default. AA basically is a tool to confine attacks to your machine with very small performance penalty. The tools tell the kernel what to allow an application to do. Say a daemon that typically reads things in /etc and writes some status to /var. Suddenly it tries to write to /bin - well, it is forbidden to do it, and you get an alert. It is possible that the daemon is compromised.
there was just an apparmor update I have noticed in zypper ref zypper up right now, maybe it will fix things, but I dont even know where to start fixing this: I have never taken any steps towards config files or settings of apparmor, so on the user side of this, I have never touched a thing (tm).
The first thing is update. If there are errors in apparmour, tell bugzilla.
What is apparmor for normal users about exactly and how would one reset it to default, whyever or whenever those defaults changed to nonworking config, and how would one overcome such situations? Is apparmor even needed for normal users? I guess it it because suse distro decided to install it for me.
Well, I would run "aa-logprof" and carefully apply changes. It is complicated to explain here. Instead, read the documentation: <https://doc.opensuse.org/documentation/leap/security/html/book.security/part.apparmor.html> -- Cheers / Saludos, Carlos E. R. (from openSUSE, Leap 15.0 x86_64 (ssd-test)) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org