AppArmor cache entries not removed when profile is deleted
Bug #1878333 reported by Daniel Richard G.
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
apparmor (Ubuntu) | Confirmed | Undecided | Unassigned |
Bug Description
This concerns apparmor 2.13.3-7ubuntu5 in Ubuntu focal.
If I delete a profile from /etc/apparmor.d/, reboot the system, and then look in /var/cache/
The same occurs if the profile is "deleted" by other means, such as symlinking it from /etc/apparmor.
This behavior caused me some consternation as I was developing an alternate profile for a program that already had one, and I continued to see old behavior even though I had removed the old profile.
Changed in apparmor (Ubuntu):
status: New → Confirmed
importance: Undecided → Wishlist
Daniel,
Currently it is expected that manually deleting a profile also requires manual profile removal from the kernel, using one of:
- aa-remove-unknown
- apparmor_parser -R <profile before file deletion>
- sudo bash -c "echo -n '<profile_name>' > /sys/kernel/security/apparmor/.remove"
However, this does indeed currently leave behind the cache file, cluttering the file system. However, once the profile is removed from the kernel, the cached file should not be applied.
Can you clarify whether you removed the profile from the kernel?
Can you clarify whether, when you were developing the new profile, you changed the filename from the original profile to a different filename?
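The reply above explains that deleting a profile file does not unload the profile from the kernel and leaves its cache entry behind. As an added example (not code from the bug report, the reporter, or the AppArmor project), the following Python script audits both gaps: it lists profiles still loaded in the kernel that no current file under /etc/apparmor.d declares, and cache files whose source file is gone. It assumes, since the page does not state it, that profile files declare their name on a top-level header line (`/usr/bin/foo {` or `profile foo ... {`), that /sys/kernel/security/apparmor/profiles lists loaded profiles as `NAME (MODE)`, and that the 2.13 cache keeps one file per source file name under /var/cache/apparmor/<features-hash>/ beside a `.features` file. The embedded sample data is constructed so the logic can be exercised offline; `audit()` runs the same checks against the live paths (reading securityfs normally needs root).

```python
"""Audit AppArmor profiles that outlive their source file: still loaded in the
kernel, or still present in the parser cache. Added example; the file layout
and listing format below are assumptions, not taken from the bug report."""
import re
from pathlib import Path

# Top-level header: optional `profile` keyword, then the name (quoted or bare),
# anything up to the opening brace. Indented child profiles and comments do not
# match on purpose: children are unloaded together with their parent.
HEADER_RE = re.compile(r'^(?:profile\s+)?("[^"]*"|[^\s{]+)[^{]*\{\s*$')

PROFILE_DIR = Path("/etc/apparmor.d")
KERNEL_PROFILES = Path("/sys/kernel/security/apparmor/profiles")
CACHE_DIR = Path("/var/cache/apparmor")


def profile_names_in_file(text):
    """Return the set of top-level profile names declared in one profile file."""
    names = set()
    for line in text.splitlines():
        if line.startswith("#"):
            continue
        m = HEADER_RE.match(line)
        if m:
            names.add(m.group(1).strip('"'))
    return names


def parse_loaded_profiles(text):
    """Parse the kernel listing (`NAME (MODE)` per line) into {name: mode},
    skipping `parent//child` entries, which go away with the parent."""
    loaded = {}
    for line in text.splitlines():
        line = line.strip()
        if " (" not in line:
            continue
        name, mode = line.rsplit(" (", 1)
        if "//" in name:
            continue
        loaded[name] = mode.rstrip(")")
    return loaded


def orphaned_loaded_profiles(loaded, declared):
    """Loaded profiles with no declaration in any current profile file. These
    keep confining processes until removed (apparmor_parser -R, aa-remove-unknown)."""
    return sorted(set(loaded) - set(declared))


def stale_cache_entries(cache_basenames, profile_basenames):
    """Cache files named after a source file that no longer exists."""
    return sorted(n for n in cache_basenames
                  if n != ".features" and n not in profile_basenames)


# Constructed sample data standing in for the live files (not real system state).
SAMPLE_PROFILE_FILES = {
    "usr.bin.man": (
        "#include <tunables/global>\n"
        "/usr/bin/man flags=(complain) {\n"
        "  #include <abstractions/base>\n"
        "  profile man_filter {\n"  # child profile, deliberately ignored
        "  }\n"
        "}\n"
    ),
    "usr.sbin.tcpdump": 'profile tcpdump "/usr/sbin/tcpdump" {\n}\n',
}
SAMPLE_KERNEL_LISTING = (
    "/usr/bin/man (complain)\n"
    "/usr/bin/man//man_filter (complain)\n"
    "tcpdump (enforce)\n"
    "/usr/bin/example-removed (enforce)\n"  # source file deleted, still loaded
)
SAMPLE_CACHE = {".features", "usr.bin.man", "usr.sbin.tcpdump",
                "usr.bin.example-removed"}


def demo():
    """Run both checks over the constructed sample; returns (orphaned, stale)."""
    declared = set()
    for text in SAMPLE_PROFILE_FILES.values():
        declared |= profile_names_in_file(text)
    loaded = parse_loaded_profiles(SAMPLE_KERNEL_LISTING)
    return (orphaned_loaded_profiles(loaded, declared),
            stale_cache_entries(SAMPLE_CACHE, set(SAMPLE_PROFILE_FILES)))


def audit(profile_dir=PROFILE_DIR, kernel_profiles=KERNEL_PROFILES,
          cache_dir=CACHE_DIR):
    """Run both checks against the live system paths (root normally required)."""
    files = [p for p in profile_dir.iterdir() if p.is_file()]
    declared = set()
    for p in files:
        declared |= profile_names_in_file(p.read_text(errors="replace"))
    loaded = parse_loaded_profiles(kernel_profiles.read_text())
    cache_names = {p.name for p in cache_dir.rglob("*") if p.is_file()}
    return (orphaned_loaded_profiles(loaded, declared),
            stale_cache_entries(cache_names, {p.name for p in files}))


if __name__ == "__main__":
    orphaned, stale = demo()
    print("sample: loaded without source file:", orphaned)
    print("sample: stale cache entries:", stale)
```

The two lists map directly onto the two halves of the reply: an entry in the first list is a profile that still confines processes and needs the kernel-side removal step, while an entry in the second is the leftover cache file the report is about.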