Difference between revisions of "Talk:AppArmor"

From ArchWiki
Jump to navigation Jump to search
Tag: Blanking
Line 1: Line 1:
== <s>Desktop notifications</s> ==
Has anyone managed to get [[AppArmor#Get desktop notification on DENIED actions]] to actually work?
When {{ic|auditd.service}} starts it changes the permissions of {{ic|/var/log/audit/}} and {{ic|/var/log/audit/audit.log}}. Even when I change ACLs so that I can read {{ic|/var/log/audit/audit.log}}, aa-notify still shows {{ic|Cannot read '/var/log/audit/audit.log'}}.
-- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 10:06, 2 October 2018 (UTC)
:I'm sorry for inconvenience. I proposed different approach, see https://wiki.archlinux.org/index.php?title=AppArmor&type=revision&diff=545635&oldid=545631 . I hope this one will work.
:[[User:Teples|Teples]] ([[User talk:Teples|talk]]) 12:26, 2 October 2018 (UTC)
::Thanks, now it works for me :)  -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 17:14, 2 October 2018 (UTC)
::: AFAIK if auditd.service isn't started then there is nothing logged to /var/log/audit/audit.log so https://wiki.archlinux.org/index.php?title=AppArmor&type=revision&diff=545662&oldid=545635 doesn't make sense. I think auditd is the only process which logs there. Did you observe something different?
:::[[User:Teples|Teples]] ([[User talk:Teples|talk]]) 17:55, 2 October 2018 (UTC)
::::No, but this allows to allows to start {{ic|auditd.service}} later, after login. Without {{ic|-f /var/log/audit/audit.log}} aa-notify would try read {{ic|/var/log/kern.log}} and fail. So if {{ic|auditd.service}} is started after login, you would need to re-login for apparmor-notify.desktop to start. -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 18:01, 2 October 2018 (UTC)
:::::Ok, thx for info.
:::::[[User:Teples|Teples]] ([[User talk:Teples|talk]]) 18:58, 2 October 2018 (UTC)

Latest revision as of 14:40, 10 October 2018