aa-logprof ignoring php-fpm changehat entries
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
New
|
Undecided
|
Unassigned |
Bug Description
I have recently created a php-fpm profile and accompanying changehats, all based on the profile currently sitting in the master git repository. I changed the include lines back to being prefixed with a hash and removed the 'if exists' statements.
After testing, the profiles do appear to be working and aa-status lists them as in complain mode. However, when I run aa-logprof, it ignores any entries for the changehats... for example
Oct 21 00:42:23 websrv1 kernel: [29945.776637] audit: type=1400 audit(160323734
...is not picked up, nor many other like it. This applies to all of the 5 changehats that I have so far created profiles for.
The changehats are in a subfolder called php-fpm.d and the necessary include entered in the main profile.
I should have mentioned, I'm currently running Ubuntu Server 20.04 with all updates applied.
The version of apparmor and apparmor-utils installed is 2.13.3-7ubuntu5.1