Question

Enabling AppArmor kernel LSM in Debian 7

Posted August 25, 2014 3.5k views

I’ve installed apparmor and updated the default boot options in /boot/grub/menu.lst with apparmor=1 and security=apparmor. When I reboot and run sudo aa-status I am told that the kernel was not booted with those options.

What do I need to do to get this working?

Add a comment
carlos.killpack
By:
carlos.killpack
Add a comment
1 comment
  • danorton September 25, 2014
    Reply Report

    The way that DigitalOcean creates VMs makes it impossible to set custom boot parameters. You’ll need to build a custom kernel with this option hard-coded.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer
asb September 11, 2014

Hi!

Due to the virtualization technology that we use, the kernel running on the droplet must match what is being run on the hypervisor level. Boot parameters must be passed on the hypervisor. If you open a support ticket, the team should be able to get you squared away.

Reply Report

Looking for something else?

Ask a new question Search for more help