[tor-relays] Tor marked as "enforced" process in Apparmor, but also "unconfined"
brightsidedarkside at t-online.de
Wed Nov 14 01:56:19 UTC 2012
I use Ubuntu Precise 12.04 and as I run a Bridge, I find the idea of
confining Tor with an Apparmor profile charming.
When upgrading Ubuntu and Tor, the Apparmor stuff seemed to be
automatically worked out, so I deleted my old handmade usr.sbin.tor
profile as I found the new system_tor profile.
Wenn I type "sudo aa-status", I get system_tor as "enforced process"
with its correct process id and there's no process "unconfined, but with
a profile defined".
But when I type "sudo aa-unconfined", /usr/sbin/tor ist marked as "not
So, what about that being charming? Is everything bad? Or good, and it's
just I'm an idiot?
I tried to rename the system_tor profile to usr.sbin.tor and adjusted
its name in the profile itself, but this only results in Tor being
listed under "unconfined processes that have a profile defined" when
typing "sudo aa-status".
Anybody who can see clear in this issue?
Any help is appreciated and thanks in advance.
P.S.: I really did a "sudo service apparmor reload" ;-)
More information about the tor-relays