Control: tag -1 + moreinfo Hi marco,
Marco (2020-05-05): > I was getting an error message when starting apparmor: > > # systemctl status apparmor.service > > ● apparmor.service - Load AppArmor profiles > Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor > preset: enabled) > Active: failed (Result: exit-code) since Tue 2020-05-05 13:02:26 -03; > 2min 3s ago > Docs: man:apparmor(7) > https://gitlab.com/apparmor/apparmor/wikis/home/ > Main PID: 6936 (code=exited, status=1/FAILURE) > > systemd[1]: Starting Load AppArmor profiles... > apparmor.systemd[6936]: Restarting AppArmor > apparmor.systemd[6936]: Reloading AppArmor profiles > apparmor.systemd[6955]: AppArmor parser error for /etc/apparmor.d in > /etc/apparmor.d/abstractions/authentication at line 49: Could not open > 'abstractions/smbpass' > apparmor.systemd[7039]: AppArmor parser error for > /etc/apparmor.d/usr.sbin.cupsd in /etc/apparmor.d/abstractions/authentication > at line 49: Could not open 'abstractions/sm> > apparmor.systemd[6936]: Error: At least one profile failed to load > systemd[1]: apparmor.service: Main process exited, code=exited, > status=1/FAILURE > systemd[1]: apparmor.service: Failed with result 'exit-code'. > systemd[1]: Failed to start Load AppArmor profiles. Thank you for reporting this. I cannot reproduce this problem here, so I'll need some more information from you. Could you please try to load a profile that uses abstractions/authentication, for example this one (included in the cups-daemon package): sudo apparmor_parser --verbose -r /etc/apparmor.d/usr.sbin.cupsd This should be sufficient to trigger the bug and should display more information about the problem. Also, I suspect the problem comes from a conflict between the default abstractions/smbpass rules, and another rule coming from somewhere else, such as a local addition. So: - Did you add/modify any file in /etc/apparmor.d/tunables/*.d? - What's the output of this command: sudo rgrep samba /etc/apparmor.d/local/ Cheers!
