The manual check in sys-whonix and Whonix-Workstation AppVM shows:
1
Not 0 as expected.
sudo aa-status shows “apparmor module is not loaded” in those AppVMs.
No evidence of AppArmor loading or profiles being enforced in logs as expected.
If this is a bug, this could affect a bunch of Whonix users when Qubes pushes 14.4 kernel, like I believe they intend to in the near term as it is next stable.
This is a critical problem / security regression which should be reported as a bug to Qubes and/or Linux kernel and/or Xen and/or AppArmor mob, since it is clearly not Whonix-specific.
It’s probably best to report to Qubes Issues tracker in the first instance, since it’s the only platform where this happens(?). @adw
Couldn’t find any other reference for it from Internet searches i.e. apparmor module completely failing to load in 4.14 kernel (only the profiles issue which is already resolved in Debian etc).