Your message dated Sun, 08 May 2022 17:09:02 +0000
with message-id <[email protected]>
and subject line Bug#1010688: fixed in tcpdump 4.99.1-4
has caused the Debian Bug report #1010688,
regarding apparmor profile prevents -C -W
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1010688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010688
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tcpdump
Version: 4.99.1-3
Severity: normal
I have this problem both with Debian 11 and debian unstable:
When trying to use something like "-w /some/file/name.pcap -C 1 -W 10" tcpdump
gets -EACCESS when trying to open the file:
openat(AT_FDCWD, "/var/pcap/lapd.pcap0", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1
EACCES (Permission denied)
manually changing UID to tcpdump and trying to create the file works.
audit log shows:
[ 1975.392192] audit: type=1400 audit(1651910055.299:16): apparmor="DENIED"
operation="mknod" profile="tcpdump" name="/var/pcap/lapd.pcap0" pid=2003
comm="tcpdump" requested_mask="c" denied_mask="c" fsuid=106 ouid=106
The problem seems to be that the apparmor profile assumes that pcap files end
in pcap. However, when using
the -W option, there is a numerical suffix after the pcap, breaking that
assumption.
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.16.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_DIE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages tcpdump depends on:
ii adduser 3.121
ii libc6 2.33-7
ii libpcap0.8 1.10.1-4
ii libssl1.1 1.1.1n-1
tcpdump recommends no packages.
Versions of packages tcpdump suggests:
ii apparmor 3.0.4-2
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: tcpdump
Source-Version: 4.99.1-4
Done: Romain Francoise <[email protected]>
We believe that the bug you reported is fixed in the latest version of
tcpdump, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Romain Francoise <[email protected]> (supplier of updated tcpdump package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 08 May 2022 18:25:45 +0200
Source: tcpdump
Architecture: source
Version: 4.99.1-4
Distribution: unstable
Urgency: medium
Maintainer: Romain Francoise <[email protected]>
Changed-By: Romain Francoise <[email protected]>
Closes: 1010688
Changes:
tcpdump (4.99.1-4) unstable; urgency=medium
.
* debian/usr.bin.tcpdump: account for numerical suffix in filenames
added by -W (closes: #1010688).
Checksums-Sha1:
57d2c846106d5c0d4204807864fc1ca68724ceba 2172 tcpdump_4.99.1-4.dsc
a6a320ae65fcf1f740009c769430b90204b34d9a 18308 tcpdump_4.99.1-4.debian.tar.xz
efc8d64738c2d119f3a0fd53d3c57d433db52640 5946 tcpdump_4.99.1-4_source.buildinfo
Checksums-Sha256:
ddba3c800b74b0997c97855ddf95aa51f5f5d08290fd7b51032ecd518155a074 2172
tcpdump_4.99.1-4.dsc
e2358bfe66303b89a4094a6fb53d0c583929c50476d55b04f18ad7f86e5cb195 18308
tcpdump_4.99.1-4.debian.tar.xz
0c6bce100ebd9b431d7a21f093cae1fb55005d2d62216b49d9ad07ef2f1908fe 5946
tcpdump_4.99.1-4_source.buildinfo
Files:
45fd73332a5187d7cde06444e29a599a 2172 net optional tcpdump_4.99.1-4.dsc
e0482623b79f17d19a100fb5a23ac5b0 18308 net optional
tcpdump_4.99.1-4.debian.tar.xz
5a21cde431f6f2d3aee7ead93aaddead 5946 net optional
tcpdump_4.99.1-4_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEvjSXQsqYfs1+d+QtrRX0NfBfli0FAmJ38y0ACgkQrRX0NfBf
li1vpw//ZJL0mFunP00OfF3Dl4V612bYD1+5xlAnkD8NVAsPCXGV2groUKOwgskr
8yyQDlrWb+GhAttbdlfWxcyBYGRzZJlsRWHBAq++3TBOEFVzcn6yXL5PUS6gifDF
Lb765Sc3Xyz8Rg2O6IUr18sEoBdukZsqy2btzlvn1nMb9denYYXHNpJ001/zVRB4
/FmGm7H3JqDfebpUs2X7CQfEXrwvfS1Ddgl5U7ETfMppzbtAP4tW00zlHuF5VlRX
D2tH0kYSapeA3tAZ/ICctQEfpDQBd09eCLo08j3Is53zrzpbAhKrF7lU3AhCiFBP
YWFKSA2oT56IfMYyg/KpA9QXIxK4T7SX4yj/4dZkbYMaupoza1z/lxPqAuACNQ9p
VrQ3EMCHpWteVqq5JefpQd0p+pK4jhS2YUPTlVFUV+pJSIUXHkFop0ASEqtTOLO/
64s5mneT72+MeWIyxDQJXrPc2HhEAAyHB/eHWQxTIa+5cKmfgMoB1kT67rxKX/12
cjuunTb09Fc+aU4Tzn88+oq3l4IXKdlq/QciVjVCUcAgPeurIhQI3FYHvn8fzYwM
oaUMEZ6oxibyE0GLYT8nZCx0nXShbfnFYLvO1bV7KYxTbcMgRM/AddiFp6N/VmiX
XM54goCS0qfdkuHgcphLmwB6aEfygPzDN3RFCqmNPQO9GZEm3XA=
=DIsg
-----END PGP SIGNATURE-----
--- End Message ---
