Per Jessen wrote:
Sid Boyce wrote:
done barrabas:~ # tail -20 /var/log/ntp
1 Oct 15:29:45 ntpd[3687]: synchronized to 128.118.25.3, stratum 2
5 Oct 11:57:22 ntpd[3687]: ntpd exiting on signal 15
5 Oct 11:59:01 ntpd[5058]: cap_set_proc() failed to drop root
privileges: Operation not permitted
Check your /var/log/audit/audit.log - this looks like apparmor may be
getting in the way.
You may be able to update the profile by running
'aa-genprof <ntpd-binary>'
/Per Jessen, Zürich
type=APPARMOR msg=audit(1159712726.582:6): REJECTING r access to
/proc/net/if_inet6 (ntpd(3687) profile /usr/sbin/ntpd active /usr/sbin/ntpd)
type=APPARMOR msg=audit(1159713575.608:7): REJECTING m access to
/etc/ld.so.cache (netstat(4724) profile /bin/netstat active /bin/netstat)
type=APPARMOR msg=audit(1159755718.633:8): REJECTING m access to
/etc/ld.so.cache (netstat(801) profile /bin/netstat active /bin/netstat)
type=APPARMOR msg=audit(1159802849.507:9): REJECTING m access to
/etc/ld.so.cache (netstat(6917) profile /bin/netstat active /bin/netstat)
OK, I'm running a vanilla kernel without apparmor, selinux enabled and
the apparmor panel says apparmor is disabled, so it's puzzling. At one
stage I did look around for apparmor patches, but none could be found.
Regards
Sid.
--
Sid Boyce ... Hamradio License G3VBV, Licensed Private Pilot
Emeritus IBM/Amdahl Mainframes and Sun/Fujitsu Servers Tech Support
Specialist, Cricket Coach
Microsoft Windows Free Zone - Linux used for all Computing Tasks
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
