[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
This bug was fixed in the package apparmor - 2.8.95~2430-0ubuntu5.3 --- apparmor (2.8.95~2430-0ubuntu5.3) trusty-proposed; urgency=medium * debian/apparmor-profiles.install: add missing dovecot profiles (LP: #1296667) -- Steve Beattie sbeat...@ubuntu.com Fri, 12 Jun 2015 23:21:58 -0700 ** Changed in: apparmor (Ubuntu Trusty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Released Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
I ran dovecot-core 1:2.2.9-1ubuntu2.1 with apparmor-profiles
2.8.95~2430-0ubuntu5.3 and didn't get any errors in mail.log or
complaints from apparmor.
$ sudo aa-status
apparmor module is loaded.
49 profiles are loaded.
16 profiles are in enforce mode.
/sbin/dhclient
/usr/bin/evince
/usr/bin/evince-previewer
/usr/bin/evince-previewer//sanitized_helper
/usr/bin/evince-thumbnailer
/usr/bin/evince-thumbnailer//sanitized_helper
/usr/bin/evince//sanitized_helper
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/chromium-browser/chromium-browser//browser_java
/usr/lib/chromium-browser/chromium-browser//browser_openjdk
/usr/lib/chromium-browser/chromium-browser//sanitized_helper
/usr/lib/connman/scripts/dhclient-script
/usr/lib/lightdm/lightdm-guest-session
/usr/lib/lightdm/lightdm-guest-session//chromium
/usr/sbin/rsyslogd
/usr/sbin/tcpdump
33 profiles are in complain mode.
/sbin/klogd
/sbin/syslog-ng
/sbin/syslogd
/usr/lib/chromium-browser/chromium-browser
/usr/lib/chromium-browser/chromium-browser//chromium_browser_sandbox
/usr/lib/chromium-browser/chromium-browser//lsb_release
/usr/lib/chromium-browser/chromium-browser//xdgsettings
/usr/lib/dovecot/anvil
/usr/lib/dovecot/auth
/usr/lib/dovecot/config
/usr/lib/dovecot/deliver
/usr/lib/dovecot/dict
/usr/lib/dovecot/dovecot-auth
/usr/lib/dovecot/dovecot-lda
/usr/lib/dovecot/imap
/usr/lib/dovecot/imap-login
/usr/lib/dovecot/lmtp
/usr/lib/dovecot/log
/usr/lib/dovecot/managesieve
/usr/lib/dovecot/managesieve-login
/usr/lib/dovecot/pop3
/usr/lib/dovecot/pop3-login
/usr/lib/dovecot/ssl-params
/usr/sbin/avahi-daemon
/usr/sbin/dnsmasq
/usr/sbin/dovecot
/usr/sbin/identd
/usr/sbin/mdnsd
/usr/sbin/nmbd
/usr/sbin/nscd
/usr/sbin/smbd
/usr/{sbin/traceroute,bin/traceroute.db}
/{usr/,}bin/ping
9 processes have profiles defined.
2 processes are in enforce mode.
/sbin/dhclient (30347)
/usr/sbin/rsyslogd (421)
7 processes are in complain mode.
/usr/lib/dovecot/anvil (23852)
/usr/lib/dovecot/config (23855)
/usr/lib/dovecot/log (23853)
/usr/sbin/avahi-daemon (594)
/usr/sbin/avahi-daemon (595)
/usr/sbin/dnsmasq (1583)
/usr/sbin/dovecot (23851)
0 processes are unconfined but have a profile defined.
** Changed in: apparmor (Ubuntu Trusty)
Status: In Progress = Fix Committed
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1296667
Title:
dovecot/apparmor: profile not found
Status in AppArmor:
Fix Released
Status in apparmor package in Ubuntu:
Fix Released
Status in apparmor source package in Trusty:
Fix Committed
Bug description:
[impact]
This bug prevents dovecot users from using the apparmor policies shipped
in the apparmor-profiles package without significant modifications.
[steps to reproduce]
1) install and setup dovecot and confirm that it's functioning as
expected
2) install the apparmor-profiles package
3) restart dovecot to ensure apparmor policies are being applied
4) if this bug has been addressed, dovecot should start successfully
without generating apparmor rejections
[regression potential]
The change in the patch for this bug updates the dovecot policy to
match the most recent apparmor release (2.9.2). These add missing
policies, restructure a few things to common abstractions, and grant
additional permissions. Any regressions related to this patch would
be strictly limited to the policy for dovecot.
[original description]
I'm on Ubuntu 14.04 LTS. Since last week I get these messages:
[11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED
operation=connect profile=/usr/lib/dovecot/imap-login
name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw
denied_mask=rw fsuid=0 ouid=0
[11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED
operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot
name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x
denied_mask=x fsuid=0 ouid=0
[11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED
operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot
capability=36 capname=block_suspend
[11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED
operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot
name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x
denied_mask=x fsuid=0 ouid=0
When I then start dovecot I get these in mail.log:
Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps
disabled)
Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log)
failed: No such file or directory
Mar 24
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
The dovecot profiles were addressed in apparmor 2.9.2 or earlier, closing that portion of this bug. ** Changed in: apparmor Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: In Progress Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
Please verify apparmor_2.8.95~2430-0ubuntu5.3 in trusty. Thanks ** Tags removed: verification-failed ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: In Progress Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
** Changed in: apparmor (Ubuntu Trusty) Status: New = In Progress ** Changed in: apparmor (Ubuntu Trusty) Importance: Undecided = High -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: In Progress Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
Unfortunately, while preparing the fix for this, I did not take into account that the debian/apparmor-profiles.install file needed to be updated to take the additional missing profiles into account. Marking verification-failed. However, failing to install the additional dovecot profiles does not cause any regressions, it just causes this bug to not be fixed by the version of apparmor in trusty-proposed. Given that apparmor 2.8.95~2430-0ubuntu5.2 in trusty-proposed succeeds in addressing several other issues (see bug 1449769 for a partial list), I'd like to see that version pushed to trusty-updates and then have an additional apparmor update go into trusty-proposed that correctly fixes this bug; I'm attaching the debdiff that would do that. ** Patch added: apparmor_2.8.95~2430-0ubuntu5.3.debdiff https://bugs.launchpad.net/apparmor/+bug/1296667/+attachment/4414174/+files/apparmor_2.8.95%7E2430-0ubuntu5.3.debdiff ** Tags added: verification-failed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: Fix Released Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
I agree with Steve that this SRU should proceed despite the verification for this bug failing. As Steve mentioned, there are no new regressions caused by this failed verification. The bug is simply not fixed yet. This SRU addresses a large number of other issues that are greatly impacting 14.04 users and it would be unfortunate if they had to wait longer for the fixes provided by this SRU. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: Fix Released Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
** Branch linked: lp:ubuntu/apparmor ** Branch linked: lp:ubuntu/trusty-proposed/apparmor -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: Fix Released Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
This bug was fixed in the package apparmor - 2.9.2-0ubuntu1
---
apparmor (2.9.2-0ubuntu1) wily; urgency=medium
* Update to apparmor 2.9.2
- Fix minitools to work with multiple profiles at once (LP: #1378095)
- Parse mounts that have non-ascii UTF-8 chars (LP: #1310598)
- Update dovecot profiles (LP: #1296667)
- Allow ubuntu-helpers to build texlive fonts (LP: #1010909)
* dropped patches incorporated upstream:
add-mir-abstraction-lp1422521.patch, systemd-dev-log-lp1413232.patch
parser-fix_modifier_compilation_+_tests.patch,
tests-fix_systemd_breakage_in_pivot_root-lp1436109.patch,
GDM_X_authority-lp1432126.patch, and
debian/patches/easyprof-framework-policy.patch
* Partial merge with debian apparmor package:
- debian/rules: enable the bindnow hardening flag during build.
- debian/upstream/signing-key.asc: add new upstream public
signing key
- debian/watch: fix watch file, add gpg signature checking
- install libapparmor.so dev symlink under /usr not /lib
- debian/patches/reproducible-pdf.patch: make techdoc.pdf
reproducible even in face of timezone variations.
- debian/control: sync fields
- debian/debhelper/postrm-apparmor: remove
/etc/apparmor.d/{disable,} on package purge
- debian/libapache2-mod-apparmor.postrm: on package purge, delete
/etc/apparmor.d/{,disable} if empty
- debian/libapparmor1.symbols: Use Build-Depends-Package in the
symbols file.
- debian/copyright: sync
-- Steve Beattie sbeat...@ubuntu.com Mon, 11 May 2015 22:03:04 -0700
** Changed in: apparmor (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1296667
Title:
dovecot/apparmor: profile not found
Status in AppArmor Linux application security framework:
New
Status in apparmor package in Ubuntu:
Fix Released
Bug description:
[impact]
This bug prevents dovecot users from using the apparmor policies shipped
in the apparmor-profiles package without significant modifications.
[steps to reproduce]
1) install and setup dovecot and confirm that it's functioning as
expected
2) install the apparmor-profiles package
3) restart dovecot to ensure apparmor policies are being applied
4) if this bug has been addressed, dovecot should start successfully
without generating apparmor rejections
[regression potential]
The change in the patch for this bug updates the dovecot policy to
match the most recent apparmor release (2.9.2). These add missing
policies, restructure a few things to common abstractions, and grant
additional permissions. Any regressions related to this patch would
be strictly limited to the policy for dovecot.
[original description]
I'm on Ubuntu 14.04 LTS. Since last week I get these messages:
[11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED
operation=connect profile=/usr/lib/dovecot/imap-login
name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw
denied_mask=rw fsuid=0 ouid=0
[11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED
operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot
name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x
denied_mask=x fsuid=0 ouid=0
[11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED
operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot
capability=36 capname=block_suspend
[11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED
operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot
name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x
denied_mask=x fsuid=0 ouid=0
When I then start dovecot I get these in mail.log:
Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps
disabled)
Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log)
failed: No such file or directory
Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup
failed, throttling for 2 secs
Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387
returned error 84 (exec() failed)
Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup
failed, throttling for 2 secs
Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command
startup failed, throttling for 2 secs
Mar 24 08:55:42 polly dovecot: master: Error: service(config): command
startup failed, throttling for 2 secs
Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command
startup failed, throttling for 2 secs
I tried to purge and reinstall apparmor(-profiles) but that didn't fix
this issue. I did a aa-disable dovecot and now the errors are gone.
To manage notifications about this bug go to:
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
This will be fixed in wily with apparmor 2.9.2-0ubuntu1. Attached is patch to update the dovecot profiles for a trusty SRU. ** Patch added: profiles-dovecot-updates-lp1296667.patch https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1296667/+attachment/4399538/+files/profiles-dovecot-updates-lp1296667.patch ** Description changed: + [impact] + + This bug prevents dovecot users from using the apparmor policies shipped + in the apparmor-profiles package without significant modifications. + + [steps to reproduce] + + 1) install and setup dovecot and confirm that it's functioning as +expected + 2) install the apparmor-profiles package + 3) restart dovecot to ensure apparmor policies are being applied + 4) if this bug has been addressed, dovecot should start successfully +without generating apparmor rejections + + [regression potential] + + The change in the patch for this bug updates the dovecot policy to + match the most recent apparmor release (2.9.2). These add missing + policies, restructure a few things to common abstractions, and grant + additional permissions. Any regressions related to this patch would + be strictly limited to the policy for dovecot. + + [original description] + I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: New Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
The attachment profiles-dovecot-updates-lp1296667.patch seems to be a patch. If it isn't, please remove the patch flag from the attachment, remove the patch tag, and if you are a member of the ~ubuntu- reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: New Bug description: [impact] This bug prevents dovecot users from using the apparmor policies shipped in the apparmor-profiles package without significant modifications. [steps to reproduce] 1) install and setup dovecot and confirm that it's functioning as expected 2) install the apparmor-profiles package 3) restart dovecot to ensure apparmor policies are being applied 4) if this bug has been addressed, dovecot should start successfully without generating apparmor rejections [regression potential] The change in the patch for this bug updates the dovecot policy to match the most recent apparmor release (2.9.2). These add missing policies, restructure a few things to common abstractions, and grant additional permissions. Any regressions related to this patch would be strictly limited to the policy for dovecot. [original description] I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
** Branch linked: lp:~apparmor-dev/apparmor/apparmor-ubuntu-citrain- trusty -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: New Bug description: I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
** Tags added: aa-policy ** Also affects: apparmor (Ubuntu) Importance: Undecided Status: New ** Project changed: apparmor-profiles = apparmor -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: New Bug description: I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1296667] Re: dovecot/apparmor: profile not found
Some of those issues were already fixed in the upstream profiles. For the remaining issues, I just sent patches to the mailinglist for review. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1296667 Title: dovecot/apparmor: profile not found Status in AppArmor Linux application security framework: New Status in apparmor package in Ubuntu: New Bug description: I'm on Ubuntu 14.04 LTS. Since last week I get these messages: [11468.257576] type=1400 audit(1395659127.103:38560): apparmor=ALLOWED operation=connect profile=/usr/lib/dovecot/imap-login name=/run/dovecot/config pid=30971 comm=imap-login requested_mask=rw denied_mask=rw fsuid=0 ouid=0 [11491.128691] type=1400 audit(1395659149.988:38616): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=30978 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 [11551.171186] type=1400 audit(1395659210.056:38853): apparmor=ALLOWED operation=capable profile=/usr/sbin/dovecot pid=31620 comm=dovecot capability=36 capname=block_suspend [11551.171338] type=1400 audit(1395659210.056:38854): apparmor=ALLOWED operation=exec info=profile not found error=-2 profile=/usr/sbin/dovecot name=/usr/lib/dovecot/auth pid=31630 comm=dovecot requested_mask=x denied_mask=x fsuid=0 ouid=0 When I then start dovecot I get these in mail.log: Mar 24 08:42:52 polly dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) Mar 24 08:42:52 polly dovecot: master: Fatal: execv(/usr/lib/dovecot/log) failed: No such file or directory Mar 24 08:42:52 polly dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(log): child 1387 returned error 84 (exec() failed) Mar 24 08:42:52 polly dovecot: master: Error: service(log): command startup failed, throttling for 2 secs Mar 24 08:42:52 polly dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(config): command startup failed, throttling for 2 secs Mar 24 08:55:42 polly dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs I tried to purge and reinstall apparmor(-profiles) but that didn't fix this issue. I did a aa-disable dovecot and now the errors are gone. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1296667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
