Package: openntpd
Version: 1:6.2p3-1
Severity: normal
Tags: patch
Can't reproduce this in a quick check in Debian, but I can see it on
Ubuntu 18.04 machines, and this patch does the trick.
AppArmor denies openntpd access to syslog:
> [1690592.258663] audit: type=1400 audit(1531921190.778:1052):
> apparmor="DENIED" operation="sendmsg" info="Failed name lookup - disconnected
> path" error=-13 profile="/usr/sbin/ntpd" name="run/systemd/journal/dev-log"
> pid=2708 comm="ntpd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
This seems to be a known issue with apparmor + systemd:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1373070
And the workaround is a patch like this (which has already been applied
to ntpd).
SR
diff -Nru openntpd-6.2p3/debian/apparmor-profile openntpd-6.2p3/debian/apparmor-profile
--- openntpd-6.2p3/debian/apparmor-profile 2017-10-31 17:44:20.000000000 -0700
+++ openntpd-6.2p3/debian/apparmor-profile 2018-07-18 10:01:06.000000000 -0700
@@ -1,7 +1,7 @@
# vim:syntax=apparmor
#include <tunables/global>
-/usr/sbin/ntpd {
+/usr/sbin/ntpd flags=(attach_disconnected) {
#include <abstractions/base>
#include <abstractions/nameservice>
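Review bot: the changed header `/usr/sbin/ntpd flags=(attach_disconnected) {` carries no comment saying why the flag is there, and the flag applies to the whole profile rather than only to the syslog socket. With attach_disconnected, paths that cannot be resolved from the namespace root are treated as if attached at /, so every file rule in the profile will also match disconnected paths. Please add a comment line above the header that references Launchpad bug 1373070 and the denied name="run/systemd/journal/dev-log", so the flag can be revisited when the underlying issue is resolved. After reloading the profile, also confirm that the write to /run/systemd/journal/dev-log is then permitted by the included abstractions and that no new denial appears for ntpd. The diff touches only debian/apparmor-profile, so a debian/changelog entry is still needed.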