Euask
A community for mutual assistance and knowledge sharing

How to disable notification for complain mode's profile violation notification? Reward $1
Created by Aravi, 78 days ago, 488 views

This is related to my previous question.

http://www.euask.com/topic/9014-Ubuntu-apparmor-issue-It-says-denied-smbd-services-smbd-in-complains-mode-How-can-i-solve-this

I have installed appArmor notify to find out if any thing is blocked by appArmor. But it have landed me in a big trouble. I am getting notification every few mins.

How to disalbe the complain mode's profile violation nofitication without disturbing other apparmor notification?

Operating system is Ubuntu 16.04.3 LTS 64bits.
Facebook Twitter Google+ Addthis

√ Best Answer

1

ha1478 days ago

@Aravi

No problem..the bug can only be fixed by smb team...yeah check the security risks, notification service (apparmor-notify )
https://wiki.archlinux.org/index.php/AppArmor


firejail
https://firejail.wordpress.com/
https://firejail.wordpress.com/documentation-2/
https://firejail.wordpress.com/documentation-2/basic-usage/#private

  • downvote

2

ha1478 days ago

@Aravi

Profiles in complain mode don't enforce any profile rules, just log violation attempts.


How to disable a particular AppArmor profile on Ubuntu
http://ask.xmodulo.com/disable-particular-apparmor-profile-ubuntu.html

Configuring Security Event Notification
https://www.novell.com/documentation/apparmor/apparmor201_sp10_admin/data/bx5dcog.html

https://help.ubuntu.com/community/AppArmor

Apparmor and its usage
https://wiki.itcollege.ee/index.php/Apparmor_and_its_usage

Ubuntu Linux: Disable Apparmor For Specific Profile / Service Such As Mysqld Server
https://www.cyberciti.biz/faq/ubuntu-linux-howto-disable-apparmor-commands/


Intro to Ubuntu Apparmor and How to Configure Apparmor Profiles
http://www.thegeekstuff.com/2014/03/apparmor-ubuntu/

  • downvote

3

Aravi78 days ago

Hi @ha14

Let us understand what it is. In linux os, apparmor just similar to windows defender.It is mandatory access control (MAC).

smbd is related to remote access service which supports windows machine. So I don't want smbd profile out of apparmor. complain mode's logs are minimum required to track.

Apart from apparmor (which is MAC) their is a optional tool called apparmor notification (aa-notify) (notification service for apparmor).

My major concern is that I want to disable its message for complain mode's violation report.

I can't afford to disable apparmor notification completely. Because, in case of blocking, I will land in problem. As I am a new Linux user.

  • downvote

4

Aravi78 days ago

@ha14
Friend, just I found the exact problem. Currently samba services are running in user level. This is the problem because the folder /run/samba/msg.lock is owned by root. It is privilege issue.

  • downvote

5

ha1478 days ago

@Aravi


reinstall Samba!!!

  • downvote

6

Aravi78 days ago

hi @ha14

find final solution.

1) samba/msg.lock is known issue and reported bug to smb team. So no way to fix it. Also samba should be with user level privilege. So re-installation will not help.

2) currently aa-notify don't offers ignore message option.

the possible solution is either remove the samba profile from apparmor. Or remove the notification service.

I just wasted full day behind this. sorry to waste your time too. I will check with possible security risk and decide which one to keep.

  • downvote

7

Aravi77 days ago

HI @ha14

Thanks I will try firejail too. The final resolution for the aa-notify is that it is a nonsense. You will be disturbed a log in desktop. It is more better to view the last few 100 lines when you have any issue.

  • downvote
    You have to sign in to answer a question, sign up if you don't have an account.


    Hot Topics
    paulwestlake1944 Byte Fence Software
    bunnynv Autoplay stopped working
    richlandvaughans_4992 Scrolling issue on my laptop
    caturpoker99 How to creat a bot and play?
    TrevorKith What kind of bed is the most comfortable?
    Teresita Is investing in bitcoin safe?
    Teresita New usb flash drive already infected with virus
    lightcloud Is there a site where you can cash a check on your computer?
    lybwrsh How I can Exchange paypal to btc or Eth?
    blackcats Turning 18 years old and want to get into the IT field need help
    Recent users who have won rewards.
    yanka457 won $1
    MAKEROFMONY2 won $1
    muthu won $1
    Surfer won $1
    ha14 won $1
    sonmeoo won $1
    Phani won $2
    ha14 won $1
    nuklin won $1
    ha14 won $1
    Latest Topics
    a454545 Problem with Formating The SD card
    lybwrsh How I can Exchange paypal to btc or Eth?
    Frank121 Is binary option trading a good way to earn money online?
    grems I need a set of blue dinnerware. Where to find one?
    TrevorKith What kind of bed is the most comfortable?
    ko4ga Problem running Wise care 365 pro registard
    caturpoker99 How to creat a bot and play?
    lightcloud Is there a site where you can cash a check on your computer?
    Wisnick Wisefolders gone missing
    paulwestlake1944 Byte Fence Software
    Get free dollars by installing euask App.