This bug was fixed in the package apparmor - 4.1.0~beta5-0ubuntu8
---------------
apparmor (4.1.0~beta5-0ubuntu8) plucky; urgency=medium
* Add a patch to allow OpenVPN access to the systemd notify socket
(LP: #2101796):
- d/p/u/openvpn-systemd-notify.patch
* Add a patch to allow OpenVPN to read NetworkManager imported certs
(LP: #2101909):
- d/p/u/openvpn-networkmanager-imports.patch
* Add a patch to allow utils to parse the fusermount profile
(LP: #2101869):
- d/p/u/utils-fix-mount-handling-hyphens.patch
apparmor (4.1.0~beta5-0ubuntu7) plucky; urgency=medium
* Add patch to add os-prober and linux-boot-prober profiles
(LP: #2099811):
- d/p/u/os_prober_mr_1569.patch
* debian/apparmor.install: add entries for the os-prober and
linux-boot-prober profiles
-- Ryan Lee <[email protected]> Mon, 10 Mar 2025 09:43:48 -0700
** Changed in: apparmor (Ubuntu Plucky)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2101796
Title:
openvpn profile doesn't allow access to /run/systemd/notify
Status in apparmor package in Ubuntu:
Fix Released
Status in apparmor source package in Plucky:
Fix Released
Bug description:
Hi,
Just upgraded my system from Oracular to Plucky over the weekend.
Unfortunately, OpenVPN fails to start:
| 2025-03-10T08:15:26.607201+11:00 dharkan kernel: audit: type=1400
audit(1741554926.605:2470): apparmor="DENIED" operation="sendmsg" class="file"
profile="openvpn" name="/run/systemd/notify" pid=53793 comm="openvpn"
requested_mask="w" denied_mask="w" fsuid=0 ouid=0
| 2025-03-10T08:15:26.608201+11:00 dharkan kernel: audit: type=1400
audit(1741554926.606:2471): apparmor="DENIED" operation="sendmsg" class="file"
profile="openvpn" name="/run/systemd/notify" pid=53794 comm="openvpn"
requested_mask="w" denied_mask="w" fsuid=0 ouid=0
| 2025-03-10T08:15:29.266120+11:00 dharkan kernel: audit: type=1400
audit(1741554929.263:2472): apparmor="DENIED" operation="sendmsg" class="file"
profile="openvpn" name="/run/systemd/notify" pid=53794 comm="openvpn"
requested_mask="w" denied_mask="w" fsuid=65534 ouid=0
Adding `/run/systemd/notify w,` to `/etc/apparmor.d/openvpn` fixed it
for me.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2101796/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
