This will be fixed in the next apparmor upload.
** Changed in: apparmor (Ubuntu)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1880841
Title:
usr.sbin.nscd needs unix socket access to @userdb-*
Status in apparmor package in Ubuntu:
In Progress
Bug description:
This concerns apparmor-profiles 2.13.3-7ubuntu5 in Ubuntu focal.
I use the usr.sbin.nscd profile in enforce mode, and am seeing the
following messages in /var/log/syslog . I don't know if the SIGABRT is
related:
May 27 04:39:56 test-ubuntu64 kernel: [ 199.392521] audit: type=1400
audit(1590568796.975:76): apparmor="DENIED" operation="bind" profile="nscd"
pid=1679 comm="nscd" family="unix" sock_type="dgram" protocol=0
requested_mask="bind" denied_mask="bind"
addr="@userdb-4a5d3fdcfb9afbd7fc75948800519358"
May 27 04:40:17 test-ubuntu64 systemd[1]: nscd.service: Main process exited,
code=killed, status=6/ABRT
May 27 04:40:17 test-ubuntu64 systemd[1]: nscd.service: Failed with result
'signal'.
May 27 04:40:17 test-ubuntu64 systemd[1]: nscd.service: Scheduled restart
job, restart counter is at 9.
The @userdb-* binding looks like a systemd thing. Should a rule for this go
into /etc/apparmor.d/abstractions/nameservice ?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1880841/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
