You are not logged in.
- Topics: Active | Unanswered
#1 2023-08-21 19:16:23
- MetaKnight
- Member
- Registered: 2017-01-29
- Posts: 2
apparmor aa-genprof/aa-logprof unable to read audit.log
attempting to generate an apparmor profile last night resulted in an empty file (aside from the default stuff aa-genprof adds to a file).
auditd.conf log_group is set to wheel
user is in wheel group (should only matter for user reading audit.log)
/var/log/audit.log permissions are set to 640 root:wheel
a temporary fix was to change the permissions of audit.log to world readable. aa-genprof worked like normal after this change. I'd assume apparmor would have root file access, is that incorrect?
I was wondering whether this is an issue with apparmor or whether I'm configuring something wrong. I feel like I've done everything right but apparmor just doesn't have the right permissions to read the audit.log.
has anyone else had this issue? I can't seem to find anything related to it on the internet aside from apparmor having issues parsing the file but that doesn't seem to be the case here.
Offline