[Bug 1154056] [NEW] bdii can't start slapd with alternate config file because apparmor

Tue, 12 Mar 2013 05:45:42 -0700 

Public bug reported:

The bdii init script launches slapd roughly like this:

 /usr/sbin/slapd -f /etc/bdii/bdii-slapd.conf -h ldap://0.0.0.0:2170 -u
openldap

but this process fails when reading the configuration file with
ENOACCESS (trace excerpt):

12129 stat("/etc/bdii/bdii-slapd.conf", {st_mode=S_IFREG|0644, st_size=2891, 
...}) = 0
12129 open("/etc/bdii/bdii-slapd.conf", O_RDONLY) = -1 EACCES (Permission 
denied)

The permissions are fine, but apparmor is blocking access according to
the kernel log:

Mar  9 06:31:22 gt-ige kernel: [219524.295300] type=1400
audit(1362803482.560:57): apparmor="DENIED" operation="open" parent=1516
profile="/usr/sbin/slapd" name="/etc/bdii/bdii-slapd.conf" pid=1639
comm="slapd" requested_mask="r" denied_mask="r" fsuid=110 ouid=110

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: bdii 5.2.5-2
ProcVersionSignature: Ubuntu 3.2.0-38.61-generic 3.2.37
Uname: Linux 3.2.0-38-generic x86_64
ApportVersion: 2.0.1-0ubuntu17.1
Architecture: amd64
Date: Tue Mar 12 14:22:15 2013
InstallationMedia: Ubuntu-Server 10.04.1 LTS "Lucid Lynx" - Release amd64 
(20100816.2)
MarkForUpload: True
PackageArchitecture: all
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: bdii
UpgradeStatus: Upgraded to precise on 2013-01-15 (55 days ago)
modified.conffile..etc.bdii.bdii.slapd.conf: [modified]
modified.conffile..etc.bdii.bdii.top.slapd.conf: [modified]
mtime.conffile..etc.bdii.bdii.slapd.conf: 2013-03-09T06:31:20.328203
mtime.conffile..etc.bdii.bdii.top.slapd.conf: 2013-03-09T06:31:20.328203

** Affects: bdii (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug precise

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1154056

Title:
  bdii can't start slapd with alternate config file because apparmor

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bdii/+bug/1154056/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to