/etc/apparmor.d/usr.bin.program:
#include <tunables/global>
/usr/sbin/program flags=(complain) {
#include <abstractions/base>
}
start program and use it
aa-logprof -f /var/log/syslog -m "STARTSCAN-TIMESTAMP FROM SYSLOG"
Answer the questions and save it.
if no audit logs occur remove "flags=(complain)"
reload a rule: apparmor_parser -r usr.bin.program
[ view entry ] ( 775 views ) | print article
<<First <Back | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | Next> Last>>