Public bug reported:

Ubuntu's systemd implementation is passing a relative path for the
systemd-notify socket 'run/systemd/notify' into the environment of the
mariadb.service unit-file. This breaks apparmor, since apparmor profile
rules require an absolute path '/run/systemd/notify rw,'.

Please fix this so I can enforce an apparmor profile with mariadb.

Nota Bene: the mysql-server package doesn't have this problem. As far as
I can tell, this is because that package doesn't interact with the
systemd-notify socket, but I could be wrong.

I spoke with some patrons of #systemd on irc.freenode.net who claim this
is a bug in Ubuntu's systemd implementation, stating that it shouldn't
pass a relative path to the /run/systemd/notify socket.

Thanks for your maintenance. Systemd sucks but apparmor is cool. Since
your distro integrates both of these technologies, please fix this bug.

Thank you,

Matt Rush
OSCP, OSCE

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.4
ProcVersionSignature: Ubuntu 4.15.0-1025.25-aws 4.15.18
Uname: Linux 4.15.0-1025-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.4
Architecture: amd64
Date: Wed Dec  5 17:35:09 2018
Ec2AMI: ami-0ac019f4fcb7cb7e6
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: t2.medium
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Xen HVM domU
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1025-aws root=UUID=bbf64c6d-bc15-4ae0-aa4c-608fd9820d95 ro console=tty1 console=ttyS0 nvme.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 08/24/2006
dmi.bios.vendor: Xen
dmi.bios.version: 4.2.amazon
dmi.chassis.type: 1
dmi.chassis.vendor: Xen
dmi.modalias: dmi:bvnXen:bvr4.2.amazon:bd08/24/2006:svnXen:pnHVMdomU:pvr4.2.amazon:cvnXen:ct1:cvr:
dmi.product.name: HVM domU
dmi.product.version: 4.2.amazon
dmi.sys.vendor: Xen

** Affects: systemd (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug bionic ec2-images

https://bugs.launchpad.net/bugs/1807057

Title:
  Systemd passes a relative path to the unit-file for mariadb.service,
  which breaks apparmor.

Status in systemd package in Ubuntu:
  New
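
Added example, not part of the original report and not code from systemd or AppArmor: a Python check that scans AppArmor audit records for DENIED entries whose `name` is not an absolute path, the kind of entry a profile rule such as '/run/systemd/notify rw,' does not cover. The log lines are constructed samples and the function names are hypothetical.

```python
import re

# Constructed sample audit records (not taken from the bug report).
SAMPLE_LOG = """\
audit: type=1400 audit(1544031309.101:41): apparmor="DENIED" operation="sendmsg" profile="/usr/sbin/mysqld" name="run/systemd/notify" pid=2211 comm="mysqld" requested_mask="w" denied_mask="w" fsuid=111 ouid=0
audit: type=1400 audit(1544031309.202:42): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/etc/mysql/extra.cnf" pid=2211 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=111 ouid=0
audit: type=1400 audit(1544031310.303:43): apparmor="ALLOWED" operation="sendmsg" profile="/usr/sbin/mysqld" name="run/systemd/notify" pid=2211 comm="mysqld" requested_mask="w" denied_mask="w" fsuid=111 ouid=0
"""

# key="quoted value" or key=bare_value
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_record(line):
    """Return the key=value fields of one audit line as a dict."""
    return {key: quoted or bare for key, quoted, bare in FIELD_RE.findall(line)}


def relative_name_denials(log_text):
    """Return (profile, name, denied_mask) for DENIED records whose
    object name does not start with '/'."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_record(line)
        # Only enforced denials matter; ALLOWED records come from complain mode.
        if rec.get("apparmor") != "DENIED" or "name" not in rec:
            continue
        if not rec["name"].startswith("/"):
            hits.append((rec.get("profile"), rec["name"], rec.get("denied_mask")))
    return hits


if __name__ == "__main__":
    for profile, name, mask in relative_name_denials(SAMPLE_LOG):
        print(f"{profile}: denied '{mask}' on non-absolute name {name!r}")
```
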

