Also even when setting the profile to aa-complain I see:
[14406.210381] audit: type=1400 audit(1491482071.335:67): apparmor="ALLOWED" operation="setrlimit" profile="/usr/sbin/libvirtd" pid=7674 comm="libvirtd" rlimit=memlock value=2164260864
So far so good, but still the value is not raised.
As if the action never happened.
So on an ALLOWED setrlimit to pid 7674 the value afterwards is not the value set in the call.
Hrm - puzzled ...
Also even when setting the profile to aa-complain I see: 1.335:67) : apparmor="ALLOWED" operation= "setrlimit" profile= "/usr/sbin/ libvirtd" pid=7674 comm="libvirtd" rlimit=memlock value=2164260864
[14406.210381] audit: type=1400 audit(149148207
So far so good, but still the value is not raised.
As if the action never happened.
So on an ALLOWED setrlimit to pid 7674 the value afterwards is not the value set in the call.
Hrm - puzzled ...