AppArmor debe estar deshabilitado durante la instalación y configuración del clúster. Puede habilitarse posteriormente, después de la instalación y mientras el clúster está corriendo.
|
1 2 3 4 5 |
# systemctl disable apparmor Synchronizing state of apparmor.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install disable apparmor Removed /etc/systemd/system/sysinit.target.wants/apparmor.service. # reboot |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# service apparmor status • apparmor.service- Load AppArmor profiles Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man: apparmor(7) https://gitlab.com/apparmor/apparmor/wikis/home/ # apparmor_status apparmor module is loaded. 15 profiles are loaded. 15 profiles are in enforce mode. /snap/snapd/18357/usr/lib/snapd/snap-confine /snap/snapd/18357/usr/lib/snapd/snap-confine//mount-namespace-capture-helper snap-update-ns.lxd snap.lxd.activate snap.1xd.benchmark snap.lxd.buginfo snap.lxd.check-kernel snap.1xd.daemon snap.1xd.hook.configure snap.lxd.hook.install snap.1xd.hook.remove snap.1xd.1xc snap.lxd.lxc-to-lxd snap.1xd.lxd snap.lxd.migrate 0 profiles are in complain mode. 0 processes have profiles defined. 0 processes are in enforce mode. 0 processes are in complain mode. 0 processes are unconfined but have a profile defined. |