[Touch-packages] [Bug 1453088] [NEW] isc-dhcp-server apparmor include
Public bug reported: I tried to put isc-dhcp-server in to complain mode due to issues with /run and /var/run PID flags. It gave me an error root@here:/etc/apparmor.d# aa-complain usr.sbin.dhcpd Setting /etc/apparmor.d/usr.sbin.dhcpd to complain mode. Traceback (most recent call last): File "/usr/sbin/aa-complain", line 30, in tool.cmd_complain() File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 184, in cmd_complain raise apparmor.AppArmorException(cmd_info[1]) apparmor.common.AppArmorException: "AppArmor parser error for /etc/apparmor.d/usr.sbin.dhcpd in /etc/apparmor.d/usr.sbin.dhcpd at line 69: Could not open 'dhcpd.d'\n" due to #include in usr.sbin.dhcpd Two things confuse me. The use of '#' and '# ' to mean include and for commenting respectively. Is this not going to make bug fixing more difficult ? and two should dhcpd.d include a full path ? Why is app armour complain complaining with a standard file ? Cheers Simon ** Affects: isc-dhcp (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu. https://bugs.launchpad.net/bugs/1453088 Title: isc-dhcp-server apparmor include Status in isc-dhcp package in Ubuntu: New Bug description: I tried to put isc-dhcp-server in to complain mode due to issues with /run and /var/run PID flags. It gave me an error root@here:/etc/apparmor.d# aa-complain usr.sbin.dhcpd Setting /etc/apparmor.d/usr.sbin.dhcpd to complain mode. Traceback (most recent call last): File "/usr/sbin/aa-complain", line 30, in tool.cmd_complain() File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 184, in cmd_complain raise apparmor.AppArmorException(cmd_info[1]) apparmor.common.AppArmorException: "AppArmor parser error for /etc/apparmor.d/usr.sbin.dhcpd in /etc/apparmor.d/usr.sbin.dhcpd at line 69: Could not open 'dhcpd.d'\n" due to #include in usr.sbin.dhcpd Two things confuse me. The use of '#' and '# ' to mean include and for commenting respectively. Is this not going to make bug fixing more difficult ? and two should dhcpd.d include a full path ? Why is app armour complain complaining with a standard file ? Cheers Simon To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1453088/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1186662] Re: isc-dhcp-server fails to renew lease file
This is still ongoing. I've tried - /etc/init/isc-dhcp-server.conf # The leases files need to be root:root even when dropping privileges [ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases #SM 2015-05-08 chown root:root /var/lib/dhcp /var/lib/dhcp/dhcpd.leases chown dhcpd:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases if [ -e /var/lib/dhcp/dhcpd.leases~ ]; then #SM 2015-05-08chown root:root /var/lib/dhcp/dhcpd.leases~ echo "Chown DHCPD to fix brokenness" chown dhcpd:dhcpd /var/lib/dhcp/dhcpd.leases~ fi - /etc/init.d/isc-dhcp-server ... start) test_config log_daemon_msg "Starting $DESC" "$NAME" log_daemon_msg "chown dhcpd /var/lib/dhcp/*" # SM 2015-08-05 chown dhcpd /var/lib/dhcp/* chown dhcpd /var/lib/dhcp/* ... restart | force-reload) test_config $0 stop sleep 2 $0 start if [ "$?" != "0" ]; then exit 1 fi #SM 1015-05-08 chown dhcpd /var/lib/dhcp/* ;; ... -.) Apparmor in to complain mode mv /etc/apparmor.d/usr.sbin/usr.sbin.dhcpd /etc/apparmor.d/force-complain/ -.)/lib/systemd/system/isc-dhcp-server.service # SM 2015-05-08 chown root:root /var/lib/dhcp /var/lib/dhcp/dhcpd.leases*; \ chown dhcpd:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases*; \ followed by systemctl daemon-reload and modifying systemd finally broke it: systemctl status isc-dhcp-server.service ● isc-dhcp-server.service - ISC DHCP IPv4 server Loaded: error (Reason: Invalid argument) Active: active (running) since Fri 2015-05-08 09:42:02 BST; 14min ago Docs: man:dhcpd(8) Main PID: 14253 (dhcpd) CGroup: /system.slice/isc-dhcp-server.service └─14253 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf eth0... May 08 09:42:02 here dhcpd[14253]: Server starting service. May 08 09:42:02 here sh[14253]: Listening on LPF/eth0/00:9c:02:a0:38:67/192.168.1.0/24 May 08 09:42:02 here sh[14253]: Sending on LPF/eth0/00:9c:02:a0:38:67/192.168.1.0/24 May 08 09:42:02 here sh[14253]: Sending on Socket/fallback/fallback-net May 08 09:42:32 here systemd[1]: [/lib/systemd/system/isc-dhcp-server.service:17] Trailing garbage, ignoring. May 08 09:42:32 here systemd[1]: isc-dhcp-server.service lacks both ExecStart= and ExecStop= setting. Refusing. May 08 09:43:04 here systemd[1]: [/lib/systemd/system/isc-dhcp-server.service:17] Trailing garbage, ignoring. May 08 09:43:04 here systemd[1]: isc-dhcp-server.service lacks both ExecStart= and ExecStop= setting. Refusing. May 08 09:46:58 here systemd[1]: [/lib/systemd/system/isc-dhcp-server.service:17] Trailing garbage, ignoring. May 08 09:46:58 here systemd[1]: isc-dhcp-server.service lacks both ExecStart= and ExecStop= setting. Refusing. root@here:/etc/init.d# PLEASE can someone tell me how this has persisted since 2013 ?!?!?! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu. https://bugs.launchpad.net/bugs/1186662 Title: isc-dhcp-server fails to renew lease file Status in isc-dhcp package in Ubuntu: Triaged Status in isc-dhcp source package in Trusty: Confirmed Bug description: After raring upgrade, the dhcp server fails to renew lease file when it tries to (about every hour). The syslog says: dhcpd: Can't create new lease file: Permission denied It looks like a permission problem, because # chown -R dhcpd:dhcpd /var/lib/dhcp the above command temporarily solves the issue, until dhcpd is restarted: at that time, the ownership of the directory and the lease file is set back to root:root. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1186662/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
