Selinux/apparmor

Would you mind sharing why you have added this at kernel parameters?

Morning @petsam, I'll use my "way-back" memory -my own !- after coffee start...
Sorry for this...
One thing that is sure to me now is I have some troubles with zen kernel
I use others to boot: lts, hardened...
Back soon
Thanks
F.

Again, so now using this one:
Linux ordi-fred 5.11.0-1-mainline #1 SMP PREEMPT Sat, 20 Feb 2021 16:44:40 +0000 x86_64 GNU/Linux
and I removed 5.11.2.zen1-1, just kept lts/hardened/tkg-5.11.1-127
Sorry, I'll do my best to answer u properly soon!
F.

Hi, I tried to set 5.11.0-1-mainline as DEFAULT but the machine (HP EliteBook refurbished by me... ssd+dust+ram+screen... i5/16Gb ram)
keeps on booting on:
uname -a
Linux ordi-fred 5.11.1-127-tkg-pds
Strange !
Best
F.

You can change your booting kernel at grub boot menu (advanced options).

This: /usr/bin/grub-probe is not a kernel parameter, so you must have added it yourself.
Check

grep -i cmdline /etc/default/grub
2 Likes

@petsam, bothering again...
grep -i cmdline /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash rd.udev.log_priority=3 vt.global_cursor_default=0 systemd.unified_cgroup_hierarchy=1 loglevel=3"
GRUB_CMDLINE_LINUX="$1 apparmor=1 security=apparmor"
I added this probably because I wanted aa to enable AFTER missed install of selinux !
Previously there was nothing in between "".
RESULT: global instability and the partially installed selinux seems to be a trouble...
NOW: aa runs ok I presume but I need to get rid of the "remains" of selinux.
My guess is that they are not made to run together.

aa-status

apparmor module is loaded.
[root@ordi-fred ~]# systemctl status selinux
Unit selinux.service could not be found.
Best
F.

"You can change your booting kernel at grub boot menu (advanced options)"
#--> I keep on changing kernel but I'd like to make my choice permanent
(boots each time on selected kernel)
F.

First, you should be more cooperative (meaning, you are expected to have read Garuda wiki and Relevant Forum Tutorials), like this:

I don’t know how you decided about kernel parameters. These can fix or break your system, so you should be careful and certain of what you are doing.
Archwiki suggests only one kernel parameter for apparmor

lsm=lockdown,yama,apparmor,bpf

For anything else, post your guide’s link, so we know better.

Here, $1 is pulling /usr/bin/grub-probe in kernel parameters, which in this case is probably harmless, but nobody knows what will happen if you keep doing random, undocumented things.
I would suggest you edit this line to this:

GRUB_CMDLINE_LINUX="lsm=lockdown,yama,apparmor,bpf"

update-grub and check after boot your apparmor status.

2 Likes
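
The two checks from the post above (a stray $1 or path ending up among the kernel parameters, and the LSM selection via lsm=), as an added example that is not part of any post in this thread. The function names and the sample file content are constructed for illustration; the script is POSIX sh.

```sh
#!/bin/sh
# Constructed sample of the two lines discussed in the thread (not a real file).
SAMPLE_GRUB='GRUB_CMDLINE_LINUX_DEFAULT="quiet loglevel=3"
GRUB_CMDLINE_LINUX="$1 apparmor=1 security=apparmor"'

# Print the raw, unexpanded value of one GRUB_CMDLINE_* variable read from stdin.
# If the variable is assigned more than once, the last assignment wins.
grub_var() {
    sed -n "s/^$1=\"\(.*\)\"[[:space:]]*\$/\1/p" | tail -n 1
}

# Print one "tag: message" finding per line for a command-line string.
# Prints nothing when the string looks sane. Runs in a subshell so that
# "set -f" (no globbing on tokens) and the variables stay local.
audit_cmdline() (
    set -f
    lsm="" legacy=""
    for tok in $1; do
        case "$tok" in
            \$*)        echo "shell-expansion: $tok is a shell variable, expanded when grub-mkconfig sources the file" ;;
            /*)         echo "not-a-parameter: $tok is a path, not a kernel parameter" ;;
            lsm=*)      lsm="${tok#lsm=}" ;;
            security=*) legacy="${tok#security=}" ;;
        esac
    done
    if [ -z "$lsm" ]; then
        echo "no-lsm-list: no lsm= parameter, the kernel's built-in LSM order applies"
    else
        case ",$lsm," in
            *,apparmor,*) ;;
            *) echo "apparmor-missing: lsm=$lsm does not list apparmor" ;;
        esac
    fi
    if [ -n "$legacy" ]; then
        if [ -n "$lsm" ]; then
            echo "legacy-ignored: security=$legacy is ignored because lsm= is given"
        else
            echo "legacy-param: security=$legacy is the deprecated form of lsm="
        fi
    fi
)

# Demo on the constructed sample: audit the value as written in the file.
audit_cmdline "$(printf '%s\n' "$SAMPLE_GRUB" | grub_var GRUB_CMDLINE_LINUX)"
```

On a live system, feed the real file with grub_var GRUB_CMDLINE_LINUX < /etc/default/grub and audit the result before running update-grub; after the next boot, /proc/cmdline shows what the kernel actually received.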

I did your command
GRUB_CMDLINE_LINUX="lsm=lockdown,yama,apparmor,bpf"
After update-grub returns:

aa-status

apparmor module is loaded.
My access to grub was:
nano /etc/default/grub
I do understand the mistake... AND it happens that I'm not careful enough
and I pay for it by losing a lot of time... Hopefully I have readable backups.
I'm grateful to you, for the Archwiki suggestions were not that clear to me.
Many thanks for u'r time. I will deal with se problem, but .service is not activated.
Fred.

You are supposed to enable it and start it.
man systemctl

3 Likes

Thanks again but if aa is running is it really wise to activate selinux.service?
I doubt it for two reasons:

  • se is not properly installed, causing a few mistakes (for me) like relabelling files.
  • aa is running ok - so far.

On the contrary, it might be more efficient to nuke se... I'll have another very close
look at the wiki...
It's my noob opinion, of course I do rely on experts.
F.

General questions, general answers.
I never said you have to, or what to.
I was referring to apparmor.service, for all my advice. I have no idea about Selinux.
I only RTFM, because most of forum issues are because users won’t read, or can’t find what they need. :sunglasses:

4 Likes

Well, so far/so good !
Never hurts to read again & again wikis
Some good might come out
So thanks
F.

1 Like
