Quote AppArmor/HowToUse - Debian Wiki
- Profiles in complain mode will send ALLOWED lines in the logs for entries that would normally be DENIED in enforce mode. You can use this to tweak configs before turning them on in enforce mode.
Could you fix the following please?
sudo journalctl -b -o cat | grep denied
AVC apparmor=“ALLOWED” operation=“exec” profile=“/usr/lib/whonix-firewall/" name=“/bin/systemctl” pid=1874 comm=“firewall-restar” requested_mask=“x” denied_mask=“x” fsuid=0 ouid=0 target="/usr/lib/whonix-firewall///null-/bin/systemctl”
AVC apparmor=“ALLOWED” operation=“file_inherit” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/tmp/tmp.zs8SEbAZQf” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:19): apparmor=“ALLOWED” operation=“exec” profile="/usr/lib/whonix-firewall/” name=“/bin/systemctl” pid=1874 comm=“firewall-restar” requested_mask=“x” denied_mask=“x” fsuid=0 ouid=0 target=“/usr/lib/whonix-firewall///null-/bin/systemctl"
audit: type=1400 audit(1577880763.053:20): apparmor=“ALLOWED” operation=“file_inherit” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/tmp/tmp.zs8SEbAZQf” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:21): apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/bin/systemctl” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/bin/systemctl” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/ld-2.28.so” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/etc/ld.so.cache” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libc-2.28.so” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libc-2.28.so” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libselinux.so.1” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:22): apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/ld-2.28.so” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:23): apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/etc/ld.so.cache” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:24): apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libc-2.28.so” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:25): apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libc-2.28.so” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:26): apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libselinux.so.1” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:27): apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libselinux.so.1” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libselinux.so.1” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/liblzma.so.5.2.4” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/liblzma.so.5.2.4” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/usr/lib/x86_64-linux-gnu/liblz4.so.1.8.3” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/usr/lib/x86_64-linux-gnu/liblz4.so.1.8.3” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libgcrypt.so.20.2.4” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libgcrypt.so.20.2.4” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libblkid.so.1.1.0” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libblkid.so.1.1.0” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libpthread-2.28.so” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libpthread-2.28.so” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libpcre.so.3.13.3” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libpcre.so.3.13.3” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
audit: type=1400 audit(1577880763.053:28): apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/liblzma.so.5.2.4” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libdl-2.28.so” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libdl-2.28.so” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libgpg-error.so.0.26.1” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libgpg-error.so.0.26.1” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libuuid.so.1.3.0” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libuuid.so.1.3.0” pid=1874 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/filesystems” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/usr/lib/locale/locale-archive” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/1874/stat” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/proc/1/environ” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/1/sched” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/proc/cmdline” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/usr/share/zoneinfo/UCT” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/run/log/journal/” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/etc/machine-id” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/run/log/journal/b08dfa6083e7567a1921a715000001fb/” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/run/log/journal/b08dfa6083e7567a1921a715000001fb/system.journal” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/run/log/journal/b08dfa6083e7567a1921a715000001fb/system@e059de1a43f24dd48f17f28ccce65000-0000000000000001-00059b12fd2ef886.journal” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/sys/kernel/random/boot_id” pid=1874 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“exec” profile=“/usr/lib/whonix-firewall/" name=“/bin/systemctl” pid=1878 comm=“firewall-restar” requested_mask=“x” denied_mask=“x” fsuid=0 ouid=0 target="/usr/lib/whonix-firewall///null-/bin/systemctl”
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/bin/systemctl” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/ld-2.28.so” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/etc/ld.so.cache” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libc-2.28.so” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libc-2.28.so” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libselinux.so.1” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libselinux.so.1” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/liblzma.so.5.2.4” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/liblzma.so.5.2.4” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/usr/lib/x86_64-linux-gnu/liblz4.so.1.8.3” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/usr/lib/x86_64-linux-gnu/liblz4.so.1.8.3” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libgcrypt.so.20.2.4” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libgcrypt.so.20.2.4” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libblkid.so.1.1.0” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libblkid.so.1.1.0” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libpthread-2.28.so” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libpthread-2.28.so” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libpcre.so.3.13.3” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libpcre.so.3.13.3” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libdl-2.28.so” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libdl-2.28.so” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libgpg-error.so.0.26.1” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libgpg-error.so.0.26.1” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/lib/x86_64-linux-gnu/libuuid.so.1.3.0” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“file_mmap” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/lib/x86_64-linux-gnu/libuuid.so.1.3.0” pid=1878 comm=“systemctl” requested_mask=“rm” denied_mask=“rm” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/filesystems” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/usr/lib/locale/locale-archive” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/1878/stat” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/proc/1/environ” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall///null-/bin/systemctl” name=“/proc/1/sched” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall///null-/bin/systemctl" name=“/proc/cmdline” pid=1878 comm=“systemctl” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“chown” profile="/usr/lib/whonix-firewall/” name=“/run/sdwdate/success” pid=1889 comm=“chown” requested_mask=“w” denied_mask=“w” fsuid=0 ouid=109
AVC apparmor=“ALLOWED” operation=“chown” profile=“/usr/lib/whonix-firewall/" name=“/run/sdwdate/first_success” pid=1889 comm=“chown” requested_mask=“w” denied_mask=“w” fsuid=0 ouid=109
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall/” name=“/etc/sudoers.d/” pid=1891 comm=“sudo” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall/" name=“/etc/sudoers.d/” pid=1896 comm=“sudo” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile="/usr/lib/whonix-firewall/” name=“/etc/gai.conf” pid=1939 comm=“iptables” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0
AVC apparmor=“ALLOWED” operation=“open” profile=“/usr/lib/whonix-firewall/**” name=“/etc/gai.conf” pid=1940 comm=“iptables” requested_mask=“r” denied_mask=“r” fsuid=0 ouid=0