Get started
Understanding AppArmor profile installation
Suggest changes
-
PDF of this doc site
-
Install and upgrade software
-
Install and maintain hardware
-
SG5700 storage appliances
-
SG5600 storage appliances
-
-
Configure and manage
-
Administer StorageGRID
-
-
Use StorageGRID
-
Monitor and troubleshoot
-
Monitor a StorageGRID system
-
-
Collection of separate PDF docs
Creating your file...
If you are operating in a self-deployed Ubuntu environment and using the AppArmor mandatory access control system, the AppArmor profiles associated with packages you install on the base system might be blocked by the corresponding packages installed with StorageGRID.
By default, AppArmor profiles are installed for packages that you install on the base operating system. When you run these packages from the StorageGRID system container, the AppArmor profiles are blocked. The DHCP, MySQL, NTP, and tcdump base packages conflict with AppArmor, and other base packages might also conflict.
You have two choices for handling AppArmor profiles:
-
Disable individual profiles for the packages installed on the base system that overlap with the packages in the StorageGRID system container. When you disable individual profiles, an entry appears in the StorageGRID log files indicating that AppArmor is enabled.
Use the following commands:
sudo ln -s /etc/apparmor.d/<profile.name> /etc/apparmor.d/disable/ sudo apparmor_parser -R /etc/apparmor.d/<profile.name>
Example:
sudo ln -s /etc/apparmor.d/bin.ping /etc/apparmor.d/disable/ sudo apparmor_parser -R /etc/apparmor.d/bin.ping
-
Disable AppArmor altogether. For Ubuntu 9.10 or later, follow the instructions in the Ubuntu online community: Disable AppArmor.
Once you disable AppArmor, no entries indicating that AppArmor is enabled will appear in the StorageGRID log files.