** Changed in: ntp (Ubuntu)
Importance: Undecided => High
** Summary changed:
- Missing apparmor rules cause tor to fail to start
+ apparmor base abstraction needs backport of rev 3658 to fix several denies
(tor, ntp, ...)
--
You received this bug notification because you are a member of Ub
Correctly added a bug task for ntp to also be affected.
Dropping Artful (EOL)
** Also affects: ntp (Ubuntu)
Importance: Undecided
Status: New
** No longer affects: apparmor (Ubuntu Yakkety)
** Changed in: apparmor (Ubuntu Xenial)
Status: New => Triaged
** Changed in: ntp (Ubunt
Thanks to find the related commit Jamie, I we can put the preparation of
debdiffs on our backlog for now.
Tagged server-next because Patch known, benefit high fixing various
distracting noise and log reporting in multiple packages when running in
LXD.
@Rbasak please jump in and change triaging if
This is what someone needs to backport: http://bazaar.launchpad.net
/~apparmor-dev/apparmor/master/revision/3658. If you want the security
team to do it, please use the stakeholder process to get this
prioritized.
--
You received this bug notification because you are a member of Ubuntu
Bugs, whic
Yeah Jamie, thanks for the status update - absolutely right for apparmor
(ubuntu).
Yet - at least I - have no idea what to backport in regard to provide debdiffs
in that case.
I would have hoped you(r team) would know what that was about in particular and
might have discussed/considered/rejected
As mentioned in other comments, this is fixed in 17.04, so marking the
tor task as Invalid (it is an issue in the apparmor abstractions, not
tor) and marking the apparmor task as Fix Released. If someone wants to
perform the SRU or supply debdiffs, please open tasks against the
particular releases
I saw the same with ntp on Xenial, but can also confirm that >=Zesty things
seem to be fixed.
Before I had:
audit: type=1400 audit(1497945497.701:6958): apparmor="DENIED"
operation="file_inherit" namespace="root//lxd-xenial-ntp_"
profile="/usr/sbin/ntpd" name="/run/systemd/journal/stdout" pid=27
Also the bugs I refer were around other things but it seems to be not limited
to those services
smb: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1666748
freshclam: mysql: dhclient: https://github.com/lxc/lxd/issues/3255
--
You received this bug notification because you are a member o
I can no longer reproduce the original problem on current Zesty. I also
tried downgrading to what I think would have been active at the time of
my original report (tor and kernel versions known; I hadn't noted the
apparmor version though). This is as below, but I still cannot
reproduce.
root@test:
For now yes, but I think going forward we are going to want to split the
systemd bits in a subabstraction.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1670408
Title:
Missing apparmor rules cause t
Adding an AppArmor task for that second question.
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1670408
Title:
Missing
I wonder if "/run/systemd/journal/stdout rw" should be in an abstraction
- perhaps base?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1670408
Title:
Missing apparmor rules cause tor to fail to star
12 matches
Mail list logo
