On Thu, Sep 5, 2019 at 1:11 AM Seth Arnold <seth.arn...@canonical.com> wrote:
>
> On Wed, Sep 04, 2019 at 08:02:56PM +0200, Birger Birger wrote:
> > This looks promising to troubleshoot. Any ideas?
>
> Do you know what winbindd does with this pipe? Are there any local
> configuration changes that would have put this pipe in this directory?
>
> It feels a lot like a new name for the pipes listed in
> <abstractions/winbind>:
>
> /tmp/.winbindd/pipe rw,
> /var/{lib,run}/samba/winbindd_privileged/pipe rw,
>
> Does this sound right? Or is this pipe something different from these?
I think I have seen this deny come up in other cases and never spotted
exactly where it came from.
But I wanted to use this chance and find the base config for it.
It turns out that it is even in the base samba config, and thereby I
agree with Seth that this might be another entry for the abstraction.
Here smb.conf (5)
winbindd socket directory (G)
This setting controls the location of the winbind daemon's socket.
Except within automated test scripts, this should not be
altered, as the client tools (nss_winbind etc) do not honour this
parameter. Client tools must then be advised of the
altered path with the WINBINDD_SOCKET_DIR environment varaible.
Default: winbindd socket directory = /var/run/samba/winbindd
And since /var/run => /run we see the reported deny.
cu
Christian
> Thanks
>
> > > On Sep 4, 2019, at 03:01, Birger Birger via clamav-users <
> > clamav-us...@lists.clamav.net> wrote:
> > >
> >
> > From Ubuntu syslog:
> > > Sep 4 08:40:01 zentyal kernel: [345190.998397] audit: type=1400
> > audit(1567579201.044:83): apparmor="DENIED" operation="connect"
> > profile="/usr/bin/freshclam" name="/run/samba/winbindd/pipe" pid=1269
> > comm="freshclam" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0
>
> --
> AppArmor mailing list
> AppArmor@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
