Public bug reported:
Binary package hint: apparmor
Upon upgrading to Hardy Heron via "sudo adept_manager --dist-upgrade-
devel", I found that KDM would fail to launch when in Runlevel 2 (KDM
should automatically start in this level).
If I login and issue "sudo /etc/init.d/kdm start", then KDM launches
successfully.
The last app/service to start just prior to this was klogd. I noticed
that with the Hardy Heron update, klogd was in enforce mode under
apparmor, and provided a complaint in the log as follows:
[ 26.284000] audit(1196704494.632:3): type=1502
operation="inode_permission" requested_mask="r" denied_mask="r"
name="/proc/kallsyms" pid=5088 profile="/sbin/klogd"
So, it would appear that apparmor and klogd had somehow prevent KDM from
launching during boot (not sure if additional services would be impacted
if launched after klogd, other than KDM, which was easy to identify.
To resolve the issue, I have temporarily placed klogd into complain
mode, and rebooted. KDM now launches correctly.
Two points:
1) apparmor wrappers like this shouldn't cause KDM to fail (IMHO). How
can this be addressed so as to allow KDM to at least launch when an app
is in complain mode (like klogd). KDM is a must under Kubuntu.
2) What is the correct fix to apparmor/klogd based on my error message
below? I know that bumping back to complain mode does nothing for
security, but it got me up again. I'd like a permanent/proper fix.
Thanks.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
apparmor with klogd in enforce mode, causes kdm to fail during initial launch
on Hardy Heron
https://bugs.launchpad.net/bugs/173709
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
