Bug#766579: tlsdate's apparmor rules are a bit too restrictive
I've confirmed this issue. This bug should be fixed in the next release. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766579: tlsdate's apparmor rules are a bit too restrictive
Package: tlsdate Version: 0.0.11-2 Severity: normal I've noticed the following logged while tlsdate is running: audit: type=1400 audit([CENSORED]): apparmor="DENIED" operation="open" profile="/usr/sbin/tlsdated" name="/var/cache/tlsdated/timestamp" pid=30105 comm="tlsdated" requested_mask="r" denied_mask="r" fsuid=65534 ouid=0 tlsdated[30105]: Can't open /var/cache/tlsdated/timestamp for reading: Permission denied tlsdated[30105]: Can't open /var/cache/tlsdated/timestamp for reading: Permission denied tlsdated[30105]: initial time sync type: system-clock tlsdated[30107]: [tlsdate-monitor] execve() failed: No such file or directory systemd[2698]: Time has been changed -- GPG ID: 0x5BF72F42D0952C5A Fingerprint: BD12 65FD 4954 C40A EBCB F5D7 5BF7 2F42 D095 2C5A signature.asc Description: PGP signature
