Your message dated Sun, 29 May 2022 18:02:23 +0000
with message-id <[email protected]>
and subject line Bug#1010688: fixed in tcpdump 4.99.0-2+deb11u1
has caused the Debian Bug report #1010688,
regarding apparmor profile prevents -C -W
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1010688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010688
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tcpdump
Version: 4.99.1-3
Severity: normal
I have this problem both with Debian 11 and debian unstable:
When trying to use something like "-w /some/file/name.pcap -C 1 -W 10" tcpdump
gets -EACCESS when trying to open the file:
openat(AT_FDCWD, "/var/pcap/lapd.pcap0", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1
EACCES (Permission denied)
manually changing UID to tcpdump and trying to create the file works.
audit log shows:
[ 1975.392192] audit: type=1400 audit(1651910055.299:16): apparmor="DENIED"
operation="mknod" profile="tcpdump" name="/var/pcap/lapd.pcap0" pid=2003
comm="tcpdump" requested_mask="c" denied_mask="c" fsuid=106 ouid=106
The problem seems to be that the apparmor profile assumes that pcap files end
in pcap. However, when using
the -W option, there is a numerical suffix after the pcap, breaking that
assumption.
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.16.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_DIE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages tcpdump depends on:
ii adduser 3.121
ii libc6 2.33-7
ii libpcap0.8 1.10.1-4
ii libssl1.1 1.1.1n-1
tcpdump recommends no packages.
Versions of packages tcpdump suggests:
ii apparmor 3.0.4-2
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: tcpdump
Source-Version: 4.99.0-2+deb11u1
Done: Romain Francoise <[email protected]>
We believe that the bug you reported is fixed in the latest version of
tcpdump, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Romain Francoise <[email protected]> (supplier of updated tcpdump package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 22 May 2022 18:22:50 +0200
Source: tcpdump
Architecture: source
Version: 4.99.0-2+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Romain Francoise <[email protected]>
Changed-By: Romain Francoise <[email protected]>
Closes: 989433 1010688
Changes:
tcpdump (4.99.0-2+deb11u1) bullseye; urgency=medium
.
* Minor AppArmor profile updates (debian/usr.bin.tcpdump):
+ Grant access to *.cap (closes: #989433).
+ Account for numerical suffix in filenames added by -W (closes: #1010688).
Checksums-Sha1:
80432d8ac9c8e653ac5a6c50a52698ea4a9fddbe 2204 tcpdump_4.99.0-2+deb11u1.dsc
f83e90f71d1e7cd7d1b341b83e904e43ce509b5c 18068
tcpdump_4.99.0-2+deb11u1.debian.tar.xz
a45303c5a969e29d4e98e0c615b8ae4aaf01ddc6 5923
tcpdump_4.99.0-2+deb11u1_source.buildinfo
Checksums-Sha256:
cce7777e3c97ec30f67cc3b413dac6ff34249a797310f91207bf5d4daf53498d 2204
tcpdump_4.99.0-2+deb11u1.dsc
04d67e163b9c25398048bcfbac4f384a596fae9bab2d2ccffe831b666c6bb314 18068
tcpdump_4.99.0-2+deb11u1.debian.tar.xz
09309a3c4323ec65e7aa0e743681c0117c5418132d0c33070e6b2109199b8752 5923
tcpdump_4.99.0-2+deb11u1_source.buildinfo
Files:
cc5f314577bbb4b793d3194f57469deb 2204 net optional tcpdump_4.99.0-2+deb11u1.dsc
a3670c8f86438cf576f6023d66d52ab9 18068 net optional
tcpdump_4.99.0-2+deb11u1.debian.tar.xz
8136953c9dae6a1215cd00896d0507e2 5923 net optional
tcpdump_4.99.0-2+deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEvjSXQsqYfs1+d+QtrRX0NfBfli0FAmKTl20ACgkQrRX0NfBf
li3BCBAAj76gOHGHWDBS0GA7YvTS7bgEk0msK6YKO7h8tIqllGmlHoCWoL0WiDBp
7X9FUMa6xroYBKDLqi7YrUdPUDLy77mz8eMjs6HkaVRqh39DoR89Ni8Y+flKx1xv
uJ//jhAYzkUZzW119/QW5gyaRR05EsZDmqgIcX+bci3yH++Lwe9KtwnqgBViIpBG
4zYaE+7vfV193fdkejT/5XLjrKhUfMMhMDRRO7feeyT2leh8T8yz3EuTQkwynUP8
D25+t5qGzwOkmty6N+blmePqZBjpPZhSgI7DaCAgqnioAampkU9/fIAzem54O/yu
EhxkF2zN3oDXE8fhvg4J3CjXZQe9g1JXhZ40AXcDpOvDFdzzy3Yk1Uj5t+ExRoGl
g43ojg/y5Mp8v1TLsjV3URIff/blE9rnbukV/EVb0XVKh7NsKC/YjaG42BB8p9Pn
bt2MmgGY0qtlwHi+13vYzG1EZQT54TO5PXDXuuiPO4VpHu9dkoZrdphO1iXYMGEC
MPHv9HyW3oKi4ZUwhFq2tH/oxHbyY19Ci76Vi9pzGcs9iMxYGWXCoNTTp08Wv66s
+0fSOoceSpCqX0L8H1S2G+ac9c6C4+xd6Fra7GHVwazvRsBhc/pa2oG1TB7Z5vwJ
AyexIQ3qsfdSkxLnDgnef1lWt+xsXoR+0fzjJlzkLkt3/dWC8+c=
=Gysd
-----END PGP SIGNATURE-----
--- End Message ---
