1 processes are unconfined but have a profile defined

I’m an AppArmor newbie.
I ran aa-genprof lighttpd weeks ago and put it into complain mode.
Today, after I switched it into enforce mode, I see the captioned line in the output of aa-status. (Well, I ran aa-logprof several times in between. I always avoid doing something I don’t understand, so I quit chickenly every time.)
I have a couple of questions that are not mentioned in most of the AppArmor know-how I googled.

  1. How can I confine that process? I only have its pid (which is not permanent by nature).
  2. If I run aa-logprof multiple times, does the “learning” accumulate? Or does only the last run count?
  3. Just noticed there is a package apparmor-profiles-extra. Should I install it? Does it carry an official profile for lighttpd, and will it overwrite the existing one if it does?

Thanks a lot for any help.

Hi vvong

How to use AppArmor can be sorted out as per the https://whonix.org/wiki/Support#Free_Support_Principle

I would start by:

Please note:

Users can also utilize {apparmor} profiles by other vendors, but this is unsupported by Whonix developers.


Thanks a lot for the leads. :heart_eyes:

Didn’t encounter them in my Google results. :crazy_face:

Oh sorry, I mean “supported”. :grimacing:

Also the apparmor support may be helpful.