Re: AppArmor with BusyBox

Konstantin Aladyshev <aladyshev22@...>

I've added `IMAGE_INSTALL += "findutils"` to my `conf/local.conf`
file, and it seems like it was enough. There weren't any build

Should the AppArmor recipe be upgraded in some way to indicate that it
needs a full-featured findutils package instead of a busybox one?

Best regards,
Konstantin Aladyshev

On Mon, Apr 26, 2021 at 5:08 PM Quentin Schulz
<quentin.schulz@...> wrote:

Hi Konstantin,

On Mon, Apr 26, 2021 at 01:45:30PM +0300, Konstantin Aladyshev wrote:
I'm using the OpenBMC system ( and
I've tried to enable AppArmor functionality from the 'meta-security'

To achieve this I've added these strings to my local.conf file:
DISTRO_FEATURES_append = " apparmor"
IMAGE_INSTALL += "apparmor"

The AppArmor functionality was installed to my image, but
unfortunately I've come to this issue:

kernel: AppArmor: AppArmor initialized
kernel: AppArmor: AppArmor Filesystem Enabled
kernel: AppArmor: AppArmor sha1 policy hashing enabled
systemd[1]: systemd 247.3+ running in system mode. (+PAM -AUDIT
-PCRE2 default-hierarchy=hybrid)
systemd[1]: Starting AppArmor initialization...
apparmor[113]: Starting AppArmor profiles
apparmor[128]: xargs: invalid option -- 'd'
Busybox implementation of xargs does not support specifying a delimiter.

I suggest you to install the full-featured xargs which is provided by
the findutils recipe.

You probably need to disable xargs Busybox implementation otherwise
there'll be a conflict (you'll know, Yocto won't create the image).


Join to automatically receive all group messages.