TechQA.

apparmor profile for a java application run run with java -jar

945 views Asked by At

I am working with logstash and it is unable to read some log files. To be able to read, I think I have to add a profile in apparmor but am pretty lost at this point.

  1. The app is run as: java -jar .... Do I have to add a profile for java or is there some other simpler way?
  2. Will simply adding a single line like /path/to/mylogs r work?

Thanks for any help.

java apparmor
Original Q&A
1

There are 1 answers

0
user21292052 On

I have the same problem with a systemd service that starts an application via java -jar ....

As aa-genprof and AppArmor in general only works with file path and not PIDs and the jar files are not executables, it seems to me like one has to write a profile manually, maybe assisted by aa-easyprof, aa-genprof or aa-logprof for java.

The profile can then be enforced with e.g. the AppArmorProfile= directive in systemd.

Related Questions in JAVA

Related Questions in APPARMOR

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions