AppArmor profiles need updates for /var/run → /run and /var/lock → /run/lock and /dev/shm → /run/shm
Bug #810270 reported by
Micah Gersten
This bug affects 15 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge | ||
Oneiric |
Fix Released
|
High
|
Jamie Strandboge | ||
bind9 (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Oneiric |
Fix Released
|
High
|
Martin Pitt | ||
clamav (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge | ||
Oneiric |
Fix Released
|
High
|
Jamie Strandboge | ||
cups (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Oneiric |
Fix Released
|
High
|
Martin Pitt | ||
gdm-guest-session (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge | ||
Oneiric |
Fix Released
|
High
|
Jamie Strandboge | ||
isc-dhcp (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge | ||
Oneiric |
Fix Released
|
High
|
Jamie Strandboge | ||
libvirt (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge | ||
Oneiric |
Fix Released
|
High
|
Jamie Strandboge | ||
mysql-5.1 (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Oneiric |
Fix Released
|
High
|
Martin Pitt | ||
ntp (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Oneiric |
Fix Released
|
High
|
Martin Pitt | ||
openldap (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Oneiric |
Fix Released
|
High
|
Martin Pitt |
Bug Description
Figured I'd file a tracking bug for this. The symlink exists from /var/run to /run, but I'm guessing the profiles don't like this. The main problems I've seen so far are cups and dhclient (which I think are both profiles in their respective packages).
Related branches
Changed in cups (Ubuntu Oneiric): | |
status: | In Progress → Fix Committed |
Changed in apparmor (Ubuntu Oneiric): | |
assignee: | Martin Pitt (pitti) → nobody |
summary: |
- AppArmor profiles need updates for /var/run → /run + AppArmor profiles need updates for /var/run → /run and /var/lock → + /run/lock |
Changed in ntp (Ubuntu Oneiric): | |
status: | New → Triaged |
Changed in isc-dhcp (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in ntp (Ubuntu Oneiric): | |
importance: | Undecided → High |
Changed in clamav (Ubuntu Oneiric): | |
milestone: | none → oneiric-alpha-3 |
status: | New → Triaged |
Changed in gdm-guest-session (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
importance: | Undecided → High |
milestone: | none → oneiric-alpha-3 |
status: | New → Triaged |
Changed in clamav (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in bind9 (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
milestone: | none → oneiric-alpha-3 |
Changed in clamav (Ubuntu Oneiric): | |
importance: | Undecided → High |
Changed in apparmor (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in mysql-5.1 (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
importance: | Undecided → High |
milestone: | none → oneiric-alpha-3 |
status: | New → Triaged |
Changed in openldap (Ubuntu Oneiric): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
importance: | Undecided → High |
milestone: | none → oneiric-alpha-3 |
status: | New → Triaged |
Changed in apparmor (Ubuntu Oneiric): | |
status: | Triaged → In Progress |
summary: |
AppArmor profiles need updates for /var/run → /run and /var/lock → - /run/lock + /run/lock and /dev/shm -> /run/shm |
Changed in openldap (Ubuntu Oneiric): | |
assignee: | Jamie Strandboge (jdstrand) → Martin Pitt (pitti) |
status: | Triaged → Fix Committed |
Changed in bind9 (Ubuntu Oneiric): | |
status: | In Progress → Fix Committed |
summary: |
AppArmor profiles need updates for /var/run → /run and /var/lock → - /run/lock and /dev/shm -> /run/shm + /run/lock and /dev/shm → /run/shm |
Changed in mysql-5.1 (Ubuntu Oneiric): | |
assignee: | Jamie Strandboge (jdstrand) → Martin Pitt (pitti) |
status: | Triaged → In Progress |
Changed in isc-dhcp (Ubuntu Oneiric): | |
status: | Triaged → In Progress |
Changed in isc-dhcp (Ubuntu Oneiric): | |
status: | In Progress → Fix Committed |
Changed in clamav (Ubuntu Oneiric): | |
status: | Triaged → In Progress |
Changed in libvirt (Ubuntu Oneiric): | |
status: | Triaged → In Progress |
Changed in clamav (Ubuntu Oneiric): | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
Example:
Jul 14 11:27:50 localhost kernel: [ 8660.404355] type=1400 audit(131063567 0.401:12064) : apparmor="DENIED" operation="chown" parent=1 profile= "/usr/sbin/ cupsd" name="/run/cups/" pid=6276 comm="cupsd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0 0.401:12065) : apparmor="DENIED" operation="chown" parent=1 profile= "/usr/sbin/ cupsd" name="/ run/cups/ certs/" pid=6276 comm="cupsd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0 0.441:12066) : apparmor="DENIED" operation="mknod" parent=1 profile= "/usr/sbin/ cupsd" name="/ run/cups/ printcap" pid=6276 comm="cupsd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 0.441:12067) : apparmor="DENIED" operation="mknod" parent=1 profile= "/usr/sbin/ cupsd" name="/ run/cups/ cups.sock" pid=6276 comm="cupsd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 0.441:12068) : apparmor="DENIED" operation="mknod" parent=1 profile= "/usr/sbin/ cupsd" name="/ run/cups/ cupsd.pid" pid=6276 comm="cupsd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Jul 14 11:27:50 localhost kernel: [ 8660.404469] type=1400 audit(131063567
Jul 14 11:27:50 localhost kernel: [ 8660.443356] type=1400 audit(131063567
Jul 14 11:27:50 localhost kernel: [ 8660.445231] type=1400 audit(131063567
Jul 14 11:27:50 localhost kernel: [ 8660.445362] type=1400 audit(131063567