Problem:
Sometimes in the /var/log/kern.log, you will get lots of Apparmor messages showing DENIED of certain profile.
Example:
Apr 13 15:52:46 user-x8sti kernel: [15722.914324] audit: type=1400 audit(1649836366.541:15993): apparmor="DENIED" operation="open" profile="snap.net-snmp.snmpd" name="/proc/sys/net/ipv6/conf/lo/forwarding" pid=895 comm="snmpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Apr 13 15:52:46 user-x8sti kernel: [15722.914336] audit: type=1400 audit(1649836366.541:15994): apparmor="DENIED" operation="open" profile="snap.net-snmp.snmpd" name="/proc/sys/net/ipv6/neigh/lo/base_reachable_time_ms" pid=895 comm="snmpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Solution.
Look for the location of the profile then run the apparmor_parser -R command to suppress those messages. -R means to remove the profile.
Example:
apparmor_parser -R /var/lib/snapd/apparmor/profiles/snap.net-snmp.snmpd
No comments:
Post a Comment