[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

** Changed in: dnsmasq (Ubuntu) Assignee: (unassigned) => audrey reed (mrsperkins74) ** Changed in: dnsmasq (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

** Changed in: dnsmasq (Ubuntu) Importance: Undecided = Critical -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1466103 Title: dnsmasq runs unconfined due to starting

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

Did you install a profile yourself for dnsmasq? Could you show the result of sudo aa-status ? By default dnsmasq ships without a profile, but since you say it happens intermittently I assume you do have a custom profile... Please also show the result of: lsb_release -r ls -l /sbin/init **

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

The dnsmasq apparmor profile comes from package apparmor-profiles. My installed version is apparmor-profiles 2.8.95~2430-0ubuntu5.1. It recently updated (June 16). I have only rebooted my machine three times since, and saw the unconfined only once. I will continue to watch to see if it occurs

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

I don't think stopped apparmor is going to do it -- the generic apparmor profiles are loaded via a sysv-init compatibility script. I think the job file that starts this dnsmasq instance needs to use apparmor load before starting the process: http://upstart.ubuntu.com/cookbook/#apparmor-load I

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

** Changed in: dnsmasq (Ubuntu) Status: Incomplete = Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1466103 Title: dnsmasq runs unconfined due to starting

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

Thanks. Can you show a list of the running dnsmasqs? Which dnsmasq starts unconfined? Is it the one started by network-manager, or by a custom script, or something else? I think adding stopped apparmor to the 'start on' conditions of the job which starts dnsmasq should suffice to fix the

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

My currently running dnsmasq (which is confined the way it should be) was started by NetworkManager: $ ps axjf PPID PID PGID SID TTY TPGID STAT UID TIME COMMAND 1 1873 1873 1873 ? -1 Ssl 0 0:00 NetworkManager 1873 2047 2047 1873 ? -1 S65534

[Touch-packages] [Bug 1466103] Re: dnsmasq runs unconfined due to starting before apparmor on boot

Additional info: Only happens intermittently. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1466103 Title: dnsmasq runs unconfined due to starting before apparmor on