[Bug 1708674] Re: Haveged with AppArmor issue on Upstart
Correction: 1) futzing with /lib/systemd/system/haveged.service doesn't help 2) strace -f shows that haveged is indeed failing because it can't write to /var/run 3) adding the line suggested in the original post to /etc/apparmor.d/usr.sbin.haveged works I failed to try the single-line usr.sbin.haveged workaround originally because it looked scary, but on a second read it's very clear and easy. Applied it to all my ubu1604 boxes and rebooted, all are running haveged now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1708674 Title: Haveged with AppArmor issue on Upstart To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/haveged/+bug/1708674/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1708674] Re: Haveged with AppArmor issue on Upstart
I verified that my 16.04 system has upstart-sysv installed and that /var/log/syslog contains haveged: haveged starting up kernel: [43612.894002] audit: type=1400 audit(1544731842.319:38): apparmor="DENIED" operation="mknod" profile="/usr/sbin/haveged" name="/run/haveged.pid" pid=15508 comm="haveged" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 so it looks like this hit me. I'm running ubuntu 16.04 with haveged 1.9.1-3. Looking at ubuntu 18.04's haveged 1.9.1-6, I see it has a fix for a similar problem, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824179 Applying that as a workaround by editing /lib/systemd/system/haveged.service like so: -After=systemd-random-seed.service +After=apparmor.service systemd-random-seed.service seems to work. ** Bug watch added: Debian Bug tracker #824179 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824179 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1708674 Title: Haveged with AppArmor issue on Upstart To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/haveged/+bug/1708674/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1708674] Re: Haveged with AppArmor issue on Upstart
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: haveged (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1708674 Title: Haveged with AppArmor issue on Upstart To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/haveged/+bug/1708674/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
