Hello Alex,
I get
DENIED unconfined change_profile systemd info="label not found" comm=systemd error=-2
every time in aa-log. (using Arch with apparmor.d.enforced and hardened kernel)
I searched for the term unconfined in /var/log/audit/audit.log and get:
r.txt
dmesg reports:
[ 7.153774] audit: type=1400 audit(1776068481.340:37): apparmor="STATUS" operation="profile_load" profile="unconfined" name="bwrap" pid=1 comm="systemd" ns="glycin"
[ 7.153779] audit: type=1300 audit(1776068481.340:37): arch=c000003e syscall=1 success=yes exit=46316 a0=7 a1=87dff08a890 a2=b4ec a3=0 items=0 ppid=0 pid=1 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib/systemd/systemd" subj=unconfined key=(null)
[ 7.153782] audit: type=1327 audit(1776068481.340:37): proctitle="/init"
[ 7.154680] audit: type=1400 audit(1776068481.341:38): apparmor="STATUS" operation="profile_load" profile="unconfined" name="loaders" pid=1 comm="systemd" ns="glycin"
[ 7.154690] audit: type=1300 audit(1776068481.341:38): arch=c000003e syscall=1 success=yes exit=31009 a0=7 a1=87dff0515f0 a2=7921 a3=0 items=0 ppid=0 pid=1 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib/systemd/systemd" subj=unconfined key=(null)
[ 7.154693] audit: type=1327 audit(1776068481.341:38): proctitle="/init"
[ 7.160279] audit: type=1400 audit(1776068481.344:39): apparmor="STATUS" operation="profile_load" profile="unconfined" name="ControlPanel" pid=1 comm="systemd"
[ 7.160292] audit: type=1300 audit(1776068481.344:39): arch=c000003e syscall=1 success=yes exit=208101 a0=7 a1=6ac6704d7010 a2=32ce5 a3=0 items=0 ppid=0 pid=1 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib/systemd/systemd" subj=unconfined key=(null)
[ 7.160295] audit: type=1327 audit(1776068481.344:39): proctitle="/init"
[ 7.164299] audit: type=1400 audit(1776068481.349:40): apparmor="STATUS" operation="profile_load" profile="unconfined" name="NetworkManager" pid=1 comm="systemd"
[ 9.159523] systemd[1]: Successfully loaded all binary profiles from AppArmor early policy cache (/etc/apparmor/earlypolicy/2b809d0d.0).
[ 9.525758] systemd[1]: systemd 260.1-1-arch running in system mode (+PAM +AUDIT -SELINUX +APPARMOR -IMA +IPE +SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 +KMOD +LIBCRYPTSETUP +LIBCRYPTSETUP_PLUGINS +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +BTF +XKBCOMMON +UTMP +LIBARCHIVE)
Do you know what could be the cause? AppArmor 4.1.7?