Updated test case: - apt-get install apparmor-profiles dnsmasq - enable the dnsmasq profile with 'aa-enforce /etc/apparmor.d/usr.sbin.dnsmasq' - sudo /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d - sudo /usr/sbin/dnsmasq -x /var/run/nm-dnsmasq.wlan0.pid -u dnsmasq -7 /etc/dnsmasq.d
While the profile addressed the original reporter's claim that /var/run/dsnmasq.wlan0.pid is the pid to look for, looking in the attached dmesg output and doing 'sudo /etc/init.d/dnsmasq start' showed additional locations for pidfiles and config files. The updated profile should have these additions: capability dac_override, /etc/dnsmasq.d/ r, /etc/dnsmasq.d/* r, /var/run/*dnsmasq*.pid w, /var/run/dnsmasq/ r, /var/run/dnsmasq/* rw, At present, the profile is useless without these additions, as dnsmasq won't even start when the profile is in enforce mode. -- profile for usr.sbin.dnsmasq needs adjustment https://bugs.launchpad.net/bugs/445818 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs