Source: inspircd
Version: 3.4.0-1
Severity: important
Tags: patch
Dear Maintainer,
The AppArmor policy that is included with the unstable inspircd package
specifies an incorrect path to the pidfile for the inspircd daemon.
As a result AppArmor blocks inspircd from writing its own pidfile
during launch, causing startup to fail. This can be reproduced with
'apt-get install inspircd' and then 'journalctl -u inspircd.service'
on a fresh unstable machine (with AppArmor enabled).
systemd[1]: Starting InspIRCd - Internet Relay Chat Daemon...
inspircd[10533]: InspIRCd - Internet Relay Chat Daemon
inspircd[10533]: For contributors & authors: See /INFO Output
systemd[1]: inspircd.service: Can't open PID file /run/inspircd/inspircd.pid
(yet?) after start: Operation not permitted
systemd[1]: inspircd.service: Failed with result 'protocol'.
systemd[1]: Failed to start InspIRCd - Internet Relay Chat Daemon.
This issue appears to have been introduced in unstable when the pidfile
path was changed from /run/inspircd.pid to /run/inspircd/inspircd.pid in
all locations except the AppArmor policy.
The fix is straightforward:
Index: inspircd-3.4.0/debian/apparmor/usr.sbin.inspircd
===================================================================
--- inspircd-3.4.0.orig/debian/apparmor/usr.sbin.inspircd
+++ inspircd-3.4.0/debian/apparmor/usr.sbin.inspircd
@@ -22,7 +22,7 @@
/etc/ldap/ldap.conf r,
# pidfile used by inspircd.
- /run/inspircd.pid w,
+ /run/inspircd/inspircd.pid w,
# we need to be able to write to the log file
# and also the old log when logrotate happends
Christian
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 5.3.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
