seduction
 Language:
Welcome, Guest. Please login or register.
Did you miss your activation email?
2020/09/30, 09:21:00


Help

Author [EN] [PL] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] Topic: apparmor and systemd  (Read 636 times)

0 Members and 1 Guest are viewing this topic.

Offline HallPi

  • Newbie
  • Posts: 4
apparmor and systemd
« on: 2018/08/25, 17:54:42 »
Apparmor is right now blocking some activities from snapd which completely blocks lxd for me. So I tried to use some apparmor tools like  aa-genprof to get a feeling for apparmor and perhaps find the problem. But on a pure systemd installation this seems impossible. These tools expect log-files like /var/log/syslog  etc. which obviously don't exist anymore. Is there a possibility to have apparmor tools that accept systemd-journal realities or what else can I do?

KRHallPi

Offline melmarker

  • Global Moderator
  • User
  • *****
  • Posts: 2.800
    • g-com.eu
Re: apparmor and systemd
« Reply #1 on: 2018/08/25, 19:06:18 »
dead easy - use the distribution that invented snapd
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. (Benjamin Franklin, November 11, 1755)
Never attribute to malice that which can be adequately explained by stupidity. (Hanlons razor)

Offline HallPi

  • Newbie
  • Posts: 4
Re: apparmor and systemd
« Reply #2 on: 2018/08/25, 20:02:28 »
How does that help me with apparmor and Debian??  My question was not concerning snap - I  have already fixed that for the moment - but concerning apparmor. Seems Debian has decided to use  apparmor (see: https://wiki.debian.org/AppArmor/Progress). So I would like to play a bit with the tools to get a better understanding.

KR
HallPi

Offline melmarker

  • Global Moderator
  • User
  • *****
  • Posts: 2.800
    • g-com.eu
Re: apparmor and systemd
« Reply #3 on: 2018/08/25, 20:11:53 »
thats also easy - if apparmor is activated and there are rules missed for some packages - write them, bonus point for upstream them to debian.

Misunderstood the snapd part - the sane way would be: help to get lxd into debian, but thats not an easy task. To get a full working LXD that will need some changes in the kernel, the right now missed dependencies packaged and of course zfs as preferred storage in debian. Not that easy.
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. (Benjamin Franklin, November 11, 1755)
Never attribute to malice that which can be adequately explained by stupidity. (Hanlons razor)