Hello Harry, thanks for the profile additions.

Note that the "//null-" portion of the profiles represents a missing
execution permission line in the profile. When in enforce mode, the
execution would be denied. When in complain mode, the execution is
allowed, and the //null- is tacked on, with the path to the next
executable.

So these rules represent what might have been running at the moment --
and may *not* represent what the state will be on your next reboot, or
service restart.

You'll probably need to amend the signal line to:

signal (send) peer="/usr/sbin/sssd",

You'll probably want to try a service restart or reboot at a time of
your choosing, soon, to handle any other instances of this.

Thanks again

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884980

Title:
  patch so apparmor complain->enforcing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1884980/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to