Applying the fix above to /etc/apparmor.d/local/usr.sbin.sssd and running the parser replace fixed the sssd startup issue. I confirmed by returning sssd to 'enforce' mode (aa-enforce /usr/sbin/sssd).
The 'apparmor_status' output now shows the /usr/libexec/sssd binaries as well:

apparmor module is loaded.
32 profiles are loaded.
32 profiles are in enforce mode.
   /snap/snapd/10707/usr/lib/snapd/snap-confine
   /snap/snapd/10707/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/sbin/chronyd
   /usr/sbin/rsyslogd
   /usr/sbin/sssd
   /usr/sbin/tcpdump
   /{,usr/}sbin/dhclient
   ippusbxd
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
0 profiles are in complain mode.
8 processes have profiles defined.
8 processes are in enforce mode.
   /usr/sbin/chronyd (994)
   /usr/sbin/chronyd (998)
   /usr/sbin/rsyslogd (925)
   /usr/sbin/sssd (929)
   /usr/libexec/sssd/sssd_be (1279) /usr/sbin/sssd
   /usr/libexec/sssd/sssd_nss (1480) /usr/sbin/sssd
   /usr/libexec/sssd/sssd_pam (1481) /usr/sbin/sssd
   /usr/libexec/sssd/sssd_ssh (1484) /usr/sbin/sssd
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

Thanks for the help!

https://bugs.launchpad.net/bugs/1910611
Title: sssd startup fails when apparmor in enforcing mode