Ubuntu
apparmor package

  1. Bug #1525119
  2. Comment #2

Comment 2 for bug 1525119

Revision history for this message
Aki Tuomi (cmouse-desteem) wrote :

The version is, as provided in the initial message,

apparmor version 2.8.95~2430-0ubuntu5.3

Dec 11 10:24:07 gw-dc01 kernel: [2214272.912766] type=1400 audit(1449822247.549:21251): apparmor="ALLOWED" operation="file_inherit" profile="/usr/sbin/sssd//null-45" name="/var/log/sssd/ldap_child.log" pid=7112 comm="nsupdate" requested_mask="" denied_mask="" fsuid=0 ouid=0

I was able to make this all work by creating profile for /usr/bin/nsupdate and adding rule /usr/bin/nsupdate rmpx

I'll try to see if testing latest AppArmor is doable.