** Patch added: "add ipc_owner to ntp apparmor profile"
https://bugs.launchpad.net/bugs/722815/+attachment/1864446/+files/usr.sbin.ntpd.patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in ubuntu.
https://bugs.launchpad.net/
** Changed in: ntp (Ubuntu)
Importance: Undecided => Low
** Changed in: ntp (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in ubuntu.
https://bugs.launchpad.net/bugs/722815
Title:
app
My previous patch file was made incorrectly. This new patch file has the
files in correct order, with full pathname.
** Patch added: "add ipc_owner to ntp apparmor profile"
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/722815/+attachment/1864472/+files/usr.sbin.ntpd.patch
--
You receive
** Patch removed: "add ipc_owner to ntp apparmor profile"
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/722815/+attachment/1864446/+files/usr.sbin.ntpd.patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in ubuntu.
https:
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in ubuntu.
https://bugs.launchpad.net/bugs/722815
Title:
apparmor prevents ntp from reading gpsd
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.u
A quick hack (not recommended though as it most likely gives ntpd access
to shm and opens up a security hole) is to edit
/etc/apparmor.d/tunables/ntpd and use:
@{NTPD_DEVICE}="/proc/sysvipc/shm"
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscr
Thanks for tracking this down! Unfortunately, ipc_owner is a rather
strong capability (allows access to all shared memory), and it looks
like ntpd expects to actually write to the memory region (e.g.
"shm->valid = 0" is in the code), so SHM_RDONLY doesn't seem viable
either. Instead, I've added a n
This bug was fixed in the package ntp - 1:4.2.6.p2+dfsg-1ubuntu5
---
ntp (1:4.2.6.p2+dfsg-1ubuntu5) natty; urgency=low
* debian/apparmor-profile: add note about using shared memory for
a clock source (LP: #722815).
-- Kees CookThu, 10 Mar 2011 12:54:59 -0800
** Changed in: