Your message dated Fri, 27 Feb 2026 07:48:58 +0000
with message-id <[email protected]>
and subject line Bug#1032298: fixed in tcpdump 4.99.5-3
has caused the Debian Bug report #1032298,
regarding tcpdump: apparmor blocks writing to stdout/stderr in lxd container
[PATCH]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1032298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032298
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: tcpdump
Version: 4.99.3-1
tags: patch
Hello, we found in Ubuntu [1] (but there is no need to think that this isn't an
issue with Debian too)
that from a SSH session inside a container the output can't be shown, due to
apparmor denying wirtes to /dev/pts/
(something that is tried by tcpdump).
To reproduce, create an lxd container, launch it, and run tcpdump -i eth0 -nn
not tcp port 22
If you ping now the ip of the container, you won't be able to see output even
after pressing ctrl+c.
The kernel logs will instead see lots of DENIED strings from apparmor
[ 575.438349] audit: type=1400 audit(1676055298.285:164): apparmor="DENIED" operation="file_inherit"
namespace="root//lxd-peaceful-rattler_<var-snap-lxd-common-lxd>" profile="/usr/sbin/tcpdump" name="/dev/pts/1" pid=7922
comm="tcpdump" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=1000000
The patch is trivial, and in Debian packaging:
diff -Nru tcpdump-4.99.1/debian/usr.bin.tcpdump
tcpdump-4.99.1/debian/usr.bin.tcpdump
--- tcpdump-4.99.1/debian/usr.bin.tcpdump 2022-05-08 16:24:57.000000000
+0000
+++ tcpdump-4.99.1/debian/usr.bin.tcpdump 2023-02-10 18:15:53.000000000
+0000
@@ -64,6 +64,10 @@
/usr/bin/tcpdump mr,
+ # allow printing to stdout/stderr when inside a container
+ # (LP: #1667016)
+ /dev/pts/* rw,
+
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.bin.tcpdump>
}
thanks for considering it
Gianfranco
[1] https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1667016
OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: tcpdump
Source-Version: 4.99.5-3
Done: Gianfranco Costamagna <[email protected]>
We believe that the bug you reported is fixed in the latest version of
tcpdump, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gianfranco Costamagna <[email protected]> (supplier of updated tcpdump
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 27 Feb 2026 08:41:50 +0100
Source: tcpdump
Built-For-Profiles: noudeb
Architecture: source
Version: 4.99.5-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <[email protected]>
Changed-By: Gianfranco Costamagna <[email protected]>
Closes: 1032298
Launchpad-Bugs-Fixed: 1667016
Changes:
tcpdump (4.99.5-3) unstable; urgency=medium
.
[ Luca Boccassi ]
* Stop deleting tcpdump user/group on purge
* Install and use sysusers.d config file
.
[ Gianfranco Costamagna, Georgia Garcia ]
* debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
running from a container (LP: #1667016) (Closes: #1032298)
Checksums-Sha1:
cc39488bb95754699a3c9be61864e60a67ae8e1d 1966 tcpdump_4.99.5-3.dsc
8a0d390a0feef71b6060c3d3c4097f97be4f8d4e 1418476 tcpdump_4.99.5.orig.tar.xz
5c07d620108fb7fee4d9d9732d38d5572d5664fe 18508 tcpdump_4.99.5-3.debian.tar.xz
3db0f42c85a830d37f6afe600f282ba59a7aadc6 7927 tcpdump_4.99.5-3_source.buildinfo
Checksums-Sha256:
2e510d7f02b451adc85f4714c3a8d86be1b340d2fbad611d7bca0953eb1684a3 1966
tcpdump_4.99.5-3.dsc
d76395ab82d659d526291b013eee200201380930793531515abfc6e77b4f2ee5 1418476
tcpdump_4.99.5.orig.tar.xz
92417dfa433c04bfe5970e7b3e067005de09f545b1df8960d8f649b71038e893 18508
tcpdump_4.99.5-3.debian.tar.xz
902fa203feb933e473b382b1f73392232237c5cde261c197eb9b729f131fdfe7 7927
tcpdump_4.99.5-3_source.buildinfo
Files:
6539b440041dc35961900a7ec676d235 1966 net optional tcpdump_4.99.5-3.dsc
f7770483dc8380e529fe2bdebb974287 1418476 net optional
tcpdump_4.99.5.orig.tar.xz
781a74f2650976f2636ca7347aebbe78 18508 net optional
tcpdump_4.99.5-3.debian.tar.xz
a4bb1442855bb7ebb8a33ac1cac5e971 7927 net optional
tcpdump_4.99.5-3_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAmmhSx8ACgkQ808JdE6f
Xdle1BAAm2nmHTacDmQFkHk+T0huRgwGx+Cd0xWpIjHrTketP7kBlJtSCt3cTH6h
Hvndyvjbi56Yk8QoXDfOFYIw8WUAWEoE0h0H42ss4XtzV41I9yc33r+9TLu5HyUR
DYsGsH+jwztZLGnPgScSpL5kwYHXyraCQjDm7KFjR1RN9wiU7Ru5MqzyTpgqJI01
/KH4dsGv6GlHHGLyWesDm4Da6kJTksTiBJPiEGC4KcWBc3fnJvp5qSrhxrl7EhQR
ccuP6StM9g9nA2cQrLaTjOLfOjDGAXZs9t2sfoJQznIMZ3GgMwcAYVfuxK4ex7A6
Zo5sTEfcw94sA/UuQ0JIrXRx7sDn3LVrM74TIQoaeHjuPw4aXmBTPVFgMxDxAunB
ltVz7nlcOjj9zUivLuVbHlyQPtXWbJB3bm3es5WXmqvftHc6FwJ5et1UG5dKei0a
AtjcZA6b/NyHxaNoxSWqw5F91bMjCuUXRnxuZCkfB22WvhHcr1ZXbL9Ax0IbbhGp
nUX3RYy73zGLcliHCH6TuEj3pgyyZGJquEyjdtfvrqURQlnjmbMlK1UiwoUqh5Ye
M11dagMMGrWlNMI9UA4VbKaLn4G3aM4wdKiut4fJ3zVtQrm4zEOpwdq0Phww1ek/
DNB+ND8VrGDo+qgeQ7HxOjbFuztMDgEZ+WD90BlBQbehwxYLpnA=
=oi2c
-----END PGP SIGNATURE-----
pgpeUpYuztpBc.pgp
Description: PGP signature
--- End Message ---
