Closing this bug based on my last comment.
** Changed in: apparmor (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1703520
Title
The attach_disconnected flag was added to the dnsmasq profile just
before 16.04 was released:
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu
For the records:
revno: 3437
fixes bug: https://launchpad.net/bugs/1569316
committer: Tyler Hicks
branch nick: apparmor
timestamp: Tue 2016-04-12 16:36:43 -0500
message:
profiles: Add attach_disconnected flag to dnsmasq profile
https://launchpad.net/bugs/1569316
When Ubuntu made the j
@Bjoern can you set a couple of apparmor flags and report back what is
reported in the logs?
Specifically as root can you do
echo -n "noquiet" > /sys/module/apparmor/parameters/audit
echo 1 > /sys/module/apparmor/parameters/debug
echo 0 > /proc/sys/kernel/printk_ratelimit
and then restart dnsma
Hello Seth Arnold,
i don't have change anything at dnsmasq.
I have only create a profile and set the profile in complain mode.
Normally in complain mode Apparmor shouldn't block anything. Apparmor
should only log. Why should apparmor influence the behaviour of dnsmasq
in complain mode?
--
You
P.S. In the log file i can see, that Apparmor have allowed the
connection. I don't know why dnsmasq doesn't work with Apparmor in
complain mode. But apparmor have allowed the connection. Why did this
influence dnsmasq?
--
You received this bug notification because you are a member of Ubuntu
Touch
Did you by chance change anything related to dnsmasq's startup? This
looks like dnsmasq is now starting in a private filesystem namespace
without access to the dbus sockets. It's possible to adapt the AppArmor
profile for this (by adding the attach_disconnected flag to the profile)
but the downside
** Description changed:
After i have firefox, chromium-browser and dnsmasq profiled with sudo
aa-autodep (complain-mode was used), i can not resolving websites. (Log
is at the attachement)
- I have copied the profiles of the three programms from the top in
/etc/apparmor.d/disable and aft
8 matches
Mail list logo