Your message dated Thu, 21 Jan 2021 03:04:23 +0000
with message-id <[email protected]>
and subject line Bug#980508: fixed in ntpsec 1.2.0+dfsg1-3
has caused the Debian Bug report #980508,
regarding ntpsec: apparmor="DENIED" while trying to read /etc/ssl/openssl.cnf
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
980508: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980508
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ntpsec
Version: 1.2.0+dfsg1-2
Severity: normal
User: [email protected]
I just installed ntpsec (replacing ntp) and noticed the following error
msg wrt AppArmor. Single result broken up to keep below 80 char width.
# journalctl -kaf --no-hostname | grep -w 'apparmor="DENIED"'
jan 20 00:45:32 kernel: audit: type=1400 audit(1611099932.689:41):
apparmor="DENIED" operation="open" profile="/usr/sbin/ntpd"
name="/etc/ssl/openssl.cnf" pid=43157 comm="ntpd" requested_mask="r"
denied_mask="r" fsuid=0 ouid=0
I don't have an indication that ntpsec doesn't do its job because of
this, but thought I'd report it nonetheless, especially given the 'sec'
in its name.
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500,
'unstable'), (500, 'testing'), (101, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-1-amd64 (SMP w/16 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages ntpsec depends on:
ii adduser 3.118
ii init-system-helpers 1.60
ii libbsd0 0.10.0-1
ii libc6 2.31-9
ii libcap2 1:2.44-1
ii libssl1.1 1.1.1i-2
ii lsb-base 11.1.0
ii netbase 6.2
ii python3 3.9.1-1
ii python3-ntp 1.2.0+dfsg1-2
ii tzdata 2020f-1
Versions of packages ntpsec recommends:
ii cron [cron-daemon] 3.0pl1-136
ii systemd 247.2-5
Versions of packages ntpsec suggests:
ii apparmor 2.13.6-7
ii certbot 1.11.0-1
pn ntpsec-doc <none>
pn ntpsec-ntpviz <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: ntpsec
Source-Version: 1.2.0+dfsg1-3
Done: Richard Laager <[email protected]>
We believe that the bug you reported is fixed in the latest version of
ntpsec, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Richard Laager <[email protected]> (supplier of updated ntpsec package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 20 Jan 2021 20:36:38 -0600
Source: ntpsec
Architecture: source
Version: 1.2.0+dfsg1-3
Distribution: unstable
Urgency: medium
Maintainer: Richard Laager <[email protected]>
Changed-By: Richard Laager <[email protected]>
Closes: 980508
Changes:
ntpsec (1.2.0+dfsg1-3) unstable; urgency=medium
.
* apparmor: allow openssl.cnf (Closes: 980508)
Checksums-Sha1:
5ec1d22ffd73da0f72055b288ec0e1dfe8ceeff1 2400 ntpsec_1.2.0+dfsg1-3.dsc
07d0dbde9ad93d0eb86652182b624e554ff97838 2246844 ntpsec_1.2.0+dfsg1.orig.tar.xz
755bd44727136f9b13c08fa7b12f6eec2216df88 54648
ntpsec_1.2.0+dfsg1-3.debian.tar.xz
4d8b7092f9bce094d0daabb5de06678ab8ff8316 7972
ntpsec_1.2.0+dfsg1-3_source.buildinfo
Checksums-Sha256:
1f5a69c9ec6acb6c4e276bc3123626a5d30e62363bfcc0cf29ba79d1f7562805 2400
ntpsec_1.2.0+dfsg1-3.dsc
d2593bc7a5fa56757e8b0d4dd28733ca04fe04dccd15cfbb9eb00cf88114b160 2246844
ntpsec_1.2.0+dfsg1.orig.tar.xz
a1d954ad770a4c40917ef6b14f079128118f5e4f78095f1e8ff6d512de8ce071 54648
ntpsec_1.2.0+dfsg1-3.debian.tar.xz
d61f80ffc0deeaa3f518ff9fe9581901ebecd80bdc37c3ee7b7ed507958a844c 7972
ntpsec_1.2.0+dfsg1-3_source.buildinfo
Files:
925e2f5ceb95aed220e28821c4b6d56c 2400 net optional ntpsec_1.2.0+dfsg1-3.dsc
555229220afd3286da4d0d6e97aabd9a 2246844 net optional
ntpsec_1.2.0+dfsg1.orig.tar.xz
5e4d4f2615868100e5dd54d95b0d4463 54648 net optional
ntpsec_1.2.0+dfsg1-3.debian.tar.xz
318e98cd7cacf58e0ac464f8ecf43ec9 7972 net optional
ntpsec_1.2.0+dfsg1-3_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE1Ot9lOeOTujs4H+U+HlhmcBFhs4FAmAI6d4ACgkQ+HlhmcBF
hs6CJg/8CB/yZQBc6uY97t1a5ydL0c9gBkU8bny5nfb7DlJ/iynWx1NjjwGcgcDU
pdgFto2M/QIpgP02vn7/9W/gvValyiRfFN+059K+eOFK1YYLkYMYI541Bvt8MOkW
7/tnEITVTgPu1cEIUwxuLA7OTpQMoYeMxzYOOahmW+j1ZMNLamQZGoV6UL9wum/I
sAw+7EG44BPmPjB1SMV0iCqC35ScS/wz/1JklQiRiqtBDUbZSQfLXJ3VI/2ITqMO
1P71t3VJwQKy6KX06rjrZXA6FugqPURtUC9KNITw8lTGOvWChB+Ky2ION9pfCMne
JYjgPUZlaViEiPA1azFUKfg1D3Gg94aFvG+I0JIsfna93p9EMP+JWZYTap+F0DRB
pqDsevYhH2pwdo4T3glccZjjT6HiP3cSJQ81xAKm2+5FkENId7OeHLxNFmmykz3G
UsF4Tb2Gr5dIpDEN2qO4wvuB5k1eebJ/jYiVcilkVTGHN6RKmEYWw5F+qVw+Yx4E
GWv2LGWcQWpElcI6yJCfYEK1FHQHy1y9Icrf6veExFqNkx6/94PArGRHQm5Yu6gN
M+tX+hSPZQsOMnKsT+VI1OCCxc+p7D2BKlntScsT5cN/W8MMQ2MQsRTTSJsIRCsV
rieU2z3hWHgQ/nxg8ntKYjPLbRVCElKVdVoy6/YzZpKbiMTAOLY=
=nFZ9
-----END PGP SIGNATURE-----
--- End Message ---
