[Bug 367499] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
ar could you attach your profile set -- BUG: unable to handle kernel NULL pointer dereference at 0010 https://bugs.launchpad.net/bugs/367499 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 367499] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
Your profile set is the text files of the profiles on your system. They are found in /etc/apparmor.d/ -- BUG: unable to handle kernel NULL pointer dereference at 0010 https://bugs.launchpad.net/bugs/367499 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 350789] Re: AppArmor Debug: Hook being called from interrupt context
** Changed in: linux (Ubuntu Jaunty) Status: Triaged => Fix Committed ** Changed in: linux (Ubuntu) Status: Triaged => Fix Committed ** Changed in: linux (Ubuntu) Status: Fix Committed => Fix Released -- AppArmor Debug: Hook being called from interrupt context https://bugs.launchpad.net/bugs/350789 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 412860] [NEW] Xorg not responding to input
Public bug reported: Binary package hint: xorg Xorg stopped responding to input from the keyboard and mouse. The mouse cursor still moves, notifications are still being displayed, but input from mouse and keyboard have no effect. The vt can be switch to and is working, switching back and forth has no effect. ProblemType: Bug Architecture: i386 Date: Wed Aug 12 23:09:28 2009 DistroRelease: Ubuntu 9.10 MachineType: LENOVO 7762WGS Package: xorg 1:7.4+3ubuntu5 ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.31-5-generic root=UUID=11f5ccce-0c65-4480-8e69-8b77cae05c1a ro crashkernel=384M-2G:64M,2G-:128M quiet splash ProcEnviron: PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-5.24-generic RelatedPackageVersions: xserver-xorg 1:7.4+3ubuntu5 libgl1-mesa-glx 7.5-1ubuntu1 libdrm2 2.4.12-1ubuntu1 xserver-xorg-video-intel 2:2.8.0-0ubuntu2 xserver-xorg-video-ati 1:6.12.99+git20090629.f39cafc5-0ubuntu5 SourcePackage: xorg Uname: Linux 2.6.31-5-generic i686 Xrandr: Error: command ['xrandr', '--verbose'] failed with exit code 1: Can't open display dmi.bios.date: 03/12/2009 dmi.bios.vendor: LENOVO dmi.bios.version: 7SET37WW (1.23 ) dmi.board.name: 7762WGS dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr7SET37WW(1.23):bd03/12/2009:svnLENOVO:pn7762WGS:pvrThinkPadX61Tablet:rvnLENOVO:rn7762WGS:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 7762WGS dmi.product.version: ThinkPad X61 Tablet dmi.sys.vendor: LENOVO fglrx: Not loaded glxinfo: Error: command ['glxinfo'] failed with exit code 255: Error: unable to open display setxkbmap: Error: command ['setxkbmap', '-print'] failed with exit code 255: Cannot open display "default display" system: distro: Ubuntu architecture: i686kernel: 2.6.31-5-generic xdpyinfo: Error: command ['xdpyinfo'] failed with exit code 1: xdpyinfo: unable to open display "". ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 -- Xorg not responding to input https://bugs.launchpad.net/bugs/412860 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 412860] Re: Xorg not responding to input
** Attachment added: "BootDmesg.txt" http://launchpadlibrarian.net/30263441/BootDmesg.txt ** Attachment added: "CurrentDmesg.txt" http://launchpadlibrarian.net/30263442/CurrentDmesg.txt ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/30263443/Dependencies.txt ** Attachment added: "Lspci.txt" http://launchpadlibrarian.net/30263444/Lspci.txt ** Attachment added: "Lsusb.txt" http://launchpadlibrarian.net/30263445/Lsusb.txt ** Attachment added: "PciDisplay.txt" http://launchpadlibrarian.net/30263446/PciDisplay.txt ** Attachment added: "ProcCpuinfo.txt" http://launchpadlibrarian.net/30263447/ProcCpuinfo.txt ** Attachment added: "ProcInterrupts.txt" http://launchpadlibrarian.net/30263448/ProcInterrupts.txt ** Attachment added: "ProcModules.txt" http://launchpadlibrarian.net/30263449/ProcModules.txt ** Attachment added: "UdevDb.txt" http://launchpadlibrarian.net/30263450/UdevDb.txt ** Attachment added: "UdevLog.txt" http://launchpadlibrarian.net/30263451/UdevLog.txt ** Attachment added: "XorgConf.txt" http://launchpadlibrarian.net/30263452/XorgConf.txt ** Attachment added: "XorgLog.txt" http://launchpadlibrarian.net/30263453/XorgLog.txt ** Attachment added: "XorgLogOld.txt" http://launchpadlibrarian.net/30263454/XorgLogOld.txt ** Attachment added: "monitors.xml.txt" http://launchpadlibrarian.net/30263455/monitors.xml.txt ** Attachment added: "xkbcomp.txt" http://launchpadlibrarian.net/30263456/xkbcomp.txt -- Xorg not responding to input https://bugs.launchpad.net/bugs/412860 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410255] [NEW] Mouse cursor fails to rotate
Public bug reported: Binary package hint: xorg After rotating the screen and then rotating back to Normal the mouse cursor remains rotated. ProblemType: Bug Architecture: i386 Date: Fri Aug 7 04:59:00 2009 DistroRelease: Ubuntu 9.10 MachineType: LENOVO 7762WGS Package: xorg 1:7.4+3ubuntu5 ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.31-5-generic root=UUID=11f5ccce-0c65-4480-8e69-8b77cae05c1a ro crashkernel=384M-2G:64M,2G-:128M quiet splash ProcEnviron: PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-5.24-generic RelatedPackageVersions: xserver-xorg 1:7.4+3ubuntu5 libgl1-mesa-glx 7.5-1ubuntu1 libdrm2 2.4.12-1ubuntu1 xserver-xorg-video-intel 2:2.8.0-0ubuntu2 xserver-xorg-video-ati 1:6.12.99+git20090629.f39cafc5-0ubuntu5 SourcePackage: xorg Uname: Linux 2.6.31-5-generic i686 dmi.bios.date: 03/12/2009 dmi.bios.vendor: LENOVO dmi.bios.version: 7SET37WW (1.23 ) dmi.board.name: 7762WGS dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr7SET37WW(1.23):bd03/12/2009:svnLENOVO:pn7762WGS:pvrThinkPadX61Tablet:rvnLENOVO:rn7762WGS:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 7762WGS dmi.product.version: ThinkPad X61 Tablet dmi.sys.vendor: LENOVO fglrx: Not loaded system: distro: Ubuntu architecture: i686kernel: 2.6.31-5-generic ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 -- Mouse cursor fails to rotate https://bugs.launchpad.net/bugs/410255 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410255] Re: Mouse cursor fails to rotate
** Attachment added: "BootDmesg.txt" http://launchpadlibrarian.net/3330/BootDmesg.txt ** Attachment added: "CurrentDmesg.txt" http://launchpadlibrarian.net/3331/CurrentDmesg.txt ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/3333/Dependencies.txt ** Attachment added: "Lspci.txt" http://launchpadlibrarian.net/3334/Lspci.txt ** Attachment added: "Lsusb.txt" http://launchpadlibrarian.net/3335/Lsusb.txt ** Attachment added: "PciDisplay.txt" http://launchpadlibrarian.net/3336/PciDisplay.txt ** Attachment added: "ProcCpuinfo.txt" http://launchpadlibrarian.net/3337/ProcCpuinfo.txt ** Attachment added: "ProcInterrupts.txt" http://launchpadlibrarian.net/3338/ProcInterrupts.txt ** Attachment added: "ProcModules.txt" http://launchpadlibrarian.net/3339/ProcModules.txt ** Attachment added: "UdevDb.txt" http://launchpadlibrarian.net/3340/UdevDb.txt ** Attachment added: "UdevLog.txt" http://launchpadlibrarian.net/3341/UdevLog.txt ** Attachment added: "XorgConf.txt" http://launchpadlibrarian.net/3342/XorgConf.txt ** Attachment added: "XorgLog.txt" http://launchpadlibrarian.net/3343/XorgLog.txt ** Attachment added: "XorgLogOld.txt" http://launchpadlibrarian.net/3344/XorgLogOld.txt ** Attachment added: "Xrandr.txt" http://launchpadlibrarian.net/3345/Xrandr.txt ** Attachment added: "glxinfo.txt" http://launchpadlibrarian.net/3346/glxinfo.txt ** Attachment added: "monitors.xml.txt" http://launchpadlibrarian.net/3347/monitors.xml.txt ** Attachment added: "setxkbmap.txt" http://launchpadlibrarian.net/3348/setxkbmap.txt ** Attachment added: "xdpyinfo.txt" http://launchpadlibrarian.net/3349/xdpyinfo.txt ** Attachment added: "xkbcomp.txt" http://launchpadlibrarian.net/3350/xkbcomp.txt -- Mouse cursor fails to rotate https://bugs.launchpad.net/bugs/410255 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410258] [NEW] Desktop effects could not be enabled
Public bug reported: Binary package hint: xorg Desktop effects can no longer be enabled. The desktop effects were working but they have stopped functioning after a reboot and can not be reenabled. ProblemType: Bug Architecture: i386 Date: Fri Aug 7 04:55:04 2009 DistroRelease: Ubuntu 9.10 MachineType: LENOVO 7762WGS Package: xorg 1:7.4+3ubuntu5 ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.31-5-generic root=UUID=11f5ccce-0c65-4480-8e69-8b77cae05c1a ro crashkernel=384M-2G:64M,2G-:128M quiet splash ProcEnviron: PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-5.24-generic RelatedPackageVersions: xserver-xorg 1:7.4+3ubuntu5 libgl1-mesa-glx 7.5-1ubuntu1 libdrm2 2.4.12-1ubuntu1 xserver-xorg-video-intel 2:2.8.0-0ubuntu2 xserver-xorg-video-ati 1:6.12.99+git20090629.f39cafc5-0ubuntu5 SourcePackage: xorg Uname: Linux 2.6.31-5-generic i686 dmi.bios.date: 03/12/2009 dmi.bios.vendor: LENOVO dmi.bios.version: 7SET37WW (1.23 ) dmi.board.name: 7762WGS dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr7SET37WW(1.23):bd03/12/2009:svnLENOVO:pn7762WGS:pvrThinkPadX61Tablet:rvnLENOVO:rn7762WGS:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 7762WGS dmi.product.version: ThinkPad X61 Tablet dmi.sys.vendor: LENOVO fglrx: Not loaded system: distro: Ubuntu architecture: i686kernel: 2.6.31-5-generic ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 -- Desktop effects could not be enabled https://bugs.launchpad.net/bugs/410258 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410258] Re: Desktop effects could not be enabled
** Attachment added: "BootDmesg.txt" http://launchpadlibrarian.net/3463/BootDmesg.txt ** Attachment added: "CurrentDmesg.txt" http://launchpadlibrarian.net/3464/CurrentDmesg.txt ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/3465/Dependencies.txt ** Attachment added: "Lspci.txt" http://launchpadlibrarian.net/3466/Lspci.txt ** Attachment added: "Lsusb.txt" http://launchpadlibrarian.net/3467/Lsusb.txt ** Attachment added: "PciDisplay.txt" http://launchpadlibrarian.net/3469/PciDisplay.txt ** Attachment added: "ProcCpuinfo.txt" http://launchpadlibrarian.net/3470/ProcCpuinfo.txt ** Attachment added: "ProcInterrupts.txt" http://launchpadlibrarian.net/3471/ProcInterrupts.txt ** Attachment added: "ProcModules.txt" http://launchpadlibrarian.net/3472/ProcModules.txt ** Attachment added: "UdevDb.txt" http://launchpadlibrarian.net/3473/UdevDb.txt ** Attachment added: "UdevLog.txt" http://launchpadlibrarian.net/3474/UdevLog.txt ** Attachment added: "XorgConf.txt" http://launchpadlibrarian.net/3475/XorgConf.txt ** Attachment added: "XorgLog.txt" http://launchpadlibrarian.net/3477/XorgLog.txt ** Attachment added: "XorgLogOld.txt" http://launchpadlibrarian.net/3478/XorgLogOld.txt ** Attachment added: "Xrandr.txt" http://launchpadlibrarian.net/3479/Xrandr.txt ** Attachment added: "glxinfo.txt" http://launchpadlibrarian.net/3480/glxinfo.txt ** Attachment added: "monitors.xml.txt" http://launchpadlibrarian.net/3481/monitors.xml.txt ** Attachment added: "setxkbmap.txt" http://launchpadlibrarian.net/3482/setxkbmap.txt ** Attachment added: "xdpyinfo.txt" http://launchpadlibrarian.net/3483/xdpyinfo.txt ** Attachment added: "xkbcomp.txt" http://launchpadlibrarian.net/3484/xkbcomp.txt -- Desktop effects could not be enabled https://bugs.launchpad.net/bugs/410258 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410309] Re: Screen goes blank after rotation
** Attachment added: "BootDmesg.txt" http://launchpadlibrarian.net/30005993/BootDmesg.txt ** Attachment added: "CurrentDmesg.txt" http://launchpadlibrarian.net/30005994/CurrentDmesg.txt ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/30005995/Dependencies.txt ** Attachment added: "Lspci.txt" http://launchpadlibrarian.net/30005996/Lspci.txt ** Attachment added: "Lsusb.txt" http://launchpadlibrarian.net/30005997/Lsusb.txt ** Attachment added: "PciDisplay.txt" http://launchpadlibrarian.net/30005998/PciDisplay.txt ** Attachment added: "ProcCpuinfo.txt" http://launchpadlibrarian.net/30005999/ProcCpuinfo.txt ** Attachment added: "ProcInterrupts.txt" http://launchpadlibrarian.net/30006000/ProcInterrupts.txt ** Attachment added: "ProcModules.txt" http://launchpadlibrarian.net/30006001/ProcModules.txt ** Attachment added: "UdevDb.txt" http://launchpadlibrarian.net/30006002/UdevDb.txt ** Attachment added: "UdevLog.txt" http://launchpadlibrarian.net/30006003/UdevLog.txt ** Attachment added: "XorgConf.txt" http://launchpadlibrarian.net/30006004/XorgConf.txt ** Attachment added: "XorgLog.txt" http://launchpadlibrarian.net/30006005/XorgLog.txt ** Attachment added: "XorgLogOld.txt" http://launchpadlibrarian.net/30006006/XorgLogOld.txt ** Attachment added: "Xrandr.txt" http://launchpadlibrarian.net/30006007/Xrandr.txt ** Attachment added: "glxinfo.txt" http://launchpadlibrarian.net/30006008/glxinfo.txt ** Attachment added: "monitors.xml.txt" http://launchpadlibrarian.net/30006009/monitors.xml.txt ** Attachment added: "setxkbmap.txt" http://launchpadlibrarian.net/30006010/setxkbmap.txt ** Attachment added: "xdpyinfo.txt" http://launchpadlibrarian.net/30006012/xdpyinfo.txt ** Attachment added: "xkbcomp.txt" http://launchpadlibrarian.net/30006013/xkbcomp.txt -- Screen goes blank after rotation https://bugs.launchpad.net/bugs/410309 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410309] [NEW] Screen goes blank after rotation
Public bug reported: Binary package hint: xorg After rotating the Desktop, and rotating back to Normal the screen goes black. The screen is can be restored by switch to a VT and then back to X or by closing the lid and opening it back up. ProblemType: Bug Architecture: i386 Date: Fri Aug 7 05:08:25 2009 DistroRelease: Ubuntu 9.10 MachineType: LENOVO 7762WGS Package: xorg 1:7.4+3ubuntu5 ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.31-5-generic root=UUID=11f5ccce-0c65-4480-8e69-8b77cae05c1a ro crashkernel=384M-2G:64M,2G-:128M quiet splash ProcEnviron: PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-5.24-generic RelatedPackageVersions: xserver-xorg 1:7.4+3ubuntu5 libgl1-mesa-glx 7.5-1ubuntu1 libdrm2 2.4.12-1ubuntu1 xserver-xorg-video-intel 2:2.8.0-0ubuntu2 xserver-xorg-video-ati 1:6.12.99+git20090629.f39cafc5-0ubuntu5 SourcePackage: xorg Uname: Linux 2.6.31-5-generic i686 dmi.bios.date: 03/12/2009 dmi.bios.vendor: LENOVO dmi.bios.version: 7SET37WW (1.23 ) dmi.board.name: 7762WGS dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr7SET37WW(1.23):bd03/12/2009:svnLENOVO:pn7762WGS:pvrThinkPadX61Tablet:rvnLENOVO:rn7762WGS:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 7762WGS dmi.product.version: ThinkPad X61 Tablet dmi.sys.vendor: LENOVO fglrx: Not loaded system: distro: Ubuntu architecture: i686kernel: 2.6.31-5-generic ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 -- Screen goes blank after rotation https://bugs.launchpad.net/bugs/410309 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 359338] Re: apparmor paths are broken when using ecryptfs on jaunty
** Changed in: linux (Ubuntu Karmic) Status: Confirmed => In Progress -- apparmor paths are broken when using ecryptfs on jaunty https://bugs.launchpad.net/bugs/359338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 359338] Re: apparmor paths are broken when using ecryptfs on jaunty
This behavior still exists in Jaunty and Karmic and it is going to be handled in the user space at the policy level. The user space tools are being extended to be able to handle, this in a couple of ways. 1. There will be a global policy file where rules like the work around specified above can be added without having to update the profiles. 2. The alias command is being extended to cover full regular expression rewriting which will allow the policy to contain the relationship between the encrypted dir and the users actual home. The alias required for ecrypted homes will then be put in the global policy file described in part 1. This solution can be applied to both Jaunty and Karmic. -- apparmor paths are broken when using ecryptfs on jaunty https://bugs.launchpad.net/bugs/359338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 400349] Re: dhclient-script fails with apparmor
I took a look at this and it is behaving correctly, though I haven't established whether it is due to a deviation in AppArmor's behavior, the scripts or both. The executable /sbin/dhclient3 does a Px transition (as specified in its profile) to /sbin/dhclient-script. /sbin/dhclient-script Pxr, The transition can be seen by putting the /sbin/dhclient3 profile into audit mode type=APPARMOR_AUDIT msg=audit(1247815097.686:61): operation="exec" pid=4152 comm="dhclient3" parent=4151 profile="/sbin/dhclient3" requested_mask="x::" fsuid=0 ouid=0 name="/sbin/dhclient-script" The /sbin/dhclient-script then attempts to open the following 2 files without doing an exec to bash type=APPARMOR_DENIED msg=audit(1247815097.690:62): operation="open" pid=4152 comm="dhclient-script" parent=4151 profile="/sbin/dhclient-script" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/etc/ld.so.cache" type=APPARMOR_DENIED msg=audit(1247816247.944:89): operation="open" pid=4400 comm="dhclient-script" parent=4399 profile="/sbin/dhclient-script" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/lib/libncurses.so.5.7" putting the /sbin/dhclient-script into audit mode doesn't show up any more accesses. I through in some debugging to verify the reported behavior matches what is going on internally and it does. AppArmor's behavior for scripts, is that it will attach the profile to the script if it is directly invoked. In this case invoking /sbin /dhclient-script will cause dhclient-script to be confined by AppArmor even though it is a bash script. If the script is indirectly invoked through bash then, the bash profile (if it exists) would be used. -- dhclient-script fails with apparmor https://bugs.launchpad.net/bugs/400349 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 359338] Re: apparmor paths are broken when using ecryptfs on jaunty
I have looked at this for Jaunty and have a patch that fixes this for all but 1
case in the kernel. That one case however requires a larger change and need
further investigation. That one case still requires
owner @{HOME}/.Private/** rw, be added to profiles.
Testing in Karmic has shown that the security_path_XXX hooks work as
expected and that rmdir, unlink, mknod, mkdir, link, symlink all work.
There is a single known regression case (dentry_open) where the name
loop back occurs, resulting in both the encrypted and unencrypted paths
being reported.
--
apparmor paths are broken when using ecryptfs on jaunty
https://bugs.launchpad.net/bugs/359338
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 359338] Re: apparmor paths are broken when using ecryptfs on jaunty
Dustin, it shouldn't matter where the encrypted data is placed, so this change should not have any effect. -- apparmor paths are broken when using ecryptfs on jaunty https://bugs.launchpad.net/bugs/359338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 359338] Re: apparmor paths are broken when using ecryptfs on jaunty
Dustin, it shouldn't matter where the encrypted data is placed, so this change should not have any effect. -- apparmor paths are broken when using ecryptfs on jaunty https://bugs.launchpad.net/bugs/359338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 400349] Re: dhclient-script fails with apparmor
This turns out to be a regression in Jaunty, that is now fixed and behaving properly in Karmic ** Changed in: linux (Ubuntu Karmic) Status: Confirmed => Invalid -- dhclient-script fails with apparmor https://bugs.launchpad.net/bugs/400349 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 400349] Re: dhclient-script fails with apparmor
This is a bug in the handling of profile attachment for scripts. The check to test if an attachment has already been applied needs to be reworked for 2.6.28. This regression is mitigated, in that correct attachment is retained if ix is used for the script interpreter which is standard profiling practice. ** Changed in: linux (Ubuntu Jaunty) Status: New => Confirmed ** Changed in: linux (Ubuntu Jaunty) Assignee: (unassigned) => John Johansen (jjohansen) -- dhclient-script fails with apparmor https://bugs.launchpad.net/bugs/400349 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 375422] Re: apparmor fails to load at startup
In the current fix apparmor is disabled by default, while further testing is done. To enable apparmor, on the grub command line add security=apparmor -- apparmor fails to load at startup https://bugs.launchpad.net/bugs/375422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 410258] Re: [i965GM] Desktop effects could not be enabled
Sorry Bryce, I can't answer that one. The machine having this problem had a failed update that resulted in a reinstall. With the reinstall and latest updates desktop effects can now be enabled. -- [i965GM] Desktop effects could not be enabled https://bugs.launchpad.net/bugs/410258 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 412860] Re: Xorg not responding to input using forwarded X window
Bryce, I haven't been able to reproduce since Friday when X completely locked up on me and would kill all input once it started. This was consistent behavior and would happen every time I started X, either through gdm at startup or using startx. This is when I finally did a complete reinstall. Friday's behavior was exceptional, as this began occurring after a failed update. However I haven't been doing any X forwarding this week so I haven't been able to test that portion of the bug. I will see if I can reproduce with X forwarding over the next few days. -- Xorg not responding to input using forwarded X window https://bugs.launchpad.net/bugs/412860 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 412860] Re: Xorg not responding to input
Now that you mention it, I did have weird application input errors very similar to what you describe a few hours before this complete lock up. At the time I attributed it to the network as I doing a git clone and several of the apps were X forwarded from another machine. Also I was working in a forwarded X window when the input freeze happened. -- Xorg not responding to input https://bugs.launchpad.net/bugs/412860 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 147551] Re: cups-pdf fails to generate file when user does not print to default ~/PDF (apparmor vs.cups-pdf inconsistency)
Sean,
would it be possible to attach your log files or a section of them so that I
can analyze why it is requiring
@{HOME}/Desktop/ w,
@{HOME}/Desktop/* w,
--
cups-pdf fails to generate file when user does not print to default ~/PDF
(apparmor vs.cups-pdf inconsistency)
https://bugs.launchpad.net/bugs/147551
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 190516] Re: MUGEN doesn't start if Apparmor is running
well, I can confirm it, and even provide some insight. MUGEN does some very uhm interesting things on startup. It creates a new elf file in tmp, uses open to pin the file and then it deletes it. This results in the file being removed from the namespace and completely inaccessable except to processes that already have the file open. It then passes /proc//fd/ to execve as the file to open, AppArmor is detecting that this is a deleted inaccessible file and failing the exec. This is unfortunate in that this happens even when mugen is run from an unconfined shell, because AppArmor can't determine whether it should attach confinement to it. I will see what I can do, but any fixes if taken will have to come in a kernel update. -- MUGEN doesn't start if Apparmor is running https://bugs.launchpad.net/bugs/190516 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 190516] Re: MUGEN doesn't start if Apparmor is running
hrmm, well it seems I did fix this for unconfined processes before the final version of hardy (I remember fixing it for AppArmor 2.3 but I thought the fix missed Hardy), and my test machine wasn't properly updating. So after a fresh install MUGEN now works. So to clarify, in Hardy MUGEN will run as long as it is started from an unconfined shell, and it does not have a profile defined for it. It is extremely unlikely that AppArmor in Hardy will be patched to support this behavior from a confined process. -- MUGEN doesn't start if Apparmor is running https://bugs.launchpad.net/bugs/190516 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 160238] Re: Corrupted AppArmor audit log messages
The log isn't displaying correctly in the browser because its type is set as html, but it is a plain text file. The log is corrupt but in a very odd way that I have never encountered before. I have a few possible ideas: Your kernel ring buffer is being filled and the messages are wrapping, overwriting previous messages, this is a known problem with messages going to the ring buffer and is fixed by using the audit daemon. This can't be the sole cause of the problem because its not an occasional message being split but many messages with many repeated characters. Most of the information seems to be intact but has sever "studdering", with sporadic other bits of information. The "studdering" seems to be caused by the interleaving of the same message several times. This would get caused by either having multiple sources writting the same message to the same destination (unlikely) or possibly an application bug where a small part of a buffer gets written and then fails, and the application retries writing the buffer, for this to happen the application would have to be mishandling the return code. Your specific log output looks like it has both problems happening, I have to assume that the problem is occuring somewhere in the audit -> kern buffer -> dd -> ksyslogd -> syslog chain. I can pretty confidently rule out the AppArmor module as it builds up each message in a buffer and either logs it as a whole or fails the whole message. If this is a reoccurring problem we can track down where it is happening by cutting out parts of the auditing chain. Basically try sending the dd output straight to disk, if that is corrupt then its either kernel audit or dd, to rule out dd we would remove dd and have ksyslogd read the ring buffer directly, etc. -- Corrupted AppArmor audit log messages https://bugs.launchpad.net/bugs/160238 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 131976] Re: fails to start: cannot apply additional memory protection after relocation - apparmor doesn't work on stacked file system (livecd)
Vincent can you attach your /var/log/messages & if present /var/log/audit/audit.log -- fails to start: cannot apply additional memory protection after relocation - apparmor doesn't work on stacked file system (livecd) https://bugs.launchpad.net/bugs/131976 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
Well I can say that this isn't related to https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/140508 as the problem there was a message format change and not the message being logged. Since messages being sent to the kernel ring buffer (dmesg), we can infer that auditd isn't running. What happens if you rerun genprof on the program. Also are other kernel messages getting logged in /var/log/messages? Could you attach your /etc/syslog.conf and a tail of /var/log/messages? -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
could you take a look and verify the messages are showing up in /var/log/syslog and /var/log/kern.log and could you also attach your /etc/apparmor/logprofi.conf -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
err sorry for the typo the config file is /etc/apparmor/logprof.conf -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
Can you check and see if the genprof marks and kernel messages are going to /var/log/syslog and if they both are can you try editing your /etc/apparmor/logprof.conf from logfiles = /var/log/audit/audit.log /var/log/messages /var/log/syslog to logfiles = /var/log/syslog -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
If the above doesn't work could you include the output from the following command ps aux | grep logd -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
Your ps output shows that klogd isn't running. This means none of the kernel messages will make it to syslog. do "ps aux | grep logd" and kill the dd process and then run "/etc/init.d/klogd start", then rerun "ps aux | grep logd" to make sure klogd and syslogd are running. If they are try profiling something and see if the messages show up in any of the log file /var/log/messages, /var/log/syslog, /var/log/kern.log This should fixes the problem temporarily but we still need to find out why your klogd is not starting or dying on boot. -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157952] Re: Profile violations fail to log correctly
Glad to hear it worked. My guess is that it happened because Ubuntu runs klogd under the klogd user instead of root. -- Profile violations fail to log correctly https://bugs.launchpad.net/bugs/157952 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 172534] Re: no way to allow bluetooth socket creation
Sadly the man pages didn't get updated to reflect locking, append, network rules, or change_profile, this is a bug and you can add it to launch pad or reference the bug filed in the forge bugzilla https://bugzilla.novell.com/show_bug.cgi?id=326210. genprof/logprof should be able to update the profile for this type, or you can manually add any of the following rules. network bluetooth seqpacket,# only allow sockets of family bluetooth, type seqpacket network bluetooth, # allow any sockets of family bluetooth (as steve mentioned) network, # allow all types of networking inet, inet6, bluetooth, ... -- no way to allow bluetooth socket creation https://bugs.launchpad.net/bugs/172534 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 160238] Re: Corrupted AppArmor audit log messages
hmm, strange it works for me. Is there away that I can get a login on the machine, and take a look at what is going on? If not I will see what else we can do. -- Corrupted AppArmor audit log messages https://bugs.launchpad.net/bugs/160238 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 165018] Re: feisty crashes with an error of apparmor
Could you provide more detail about how your system is crashing? What part of your system is crashing? Is this a default fiesty install or have installed a custom kernel? I didn't see any oops in your dmesg dump. The only "error" that I can see is the message below audit(1196006403.262:3): type=1503 operation="inode_permission" requested_mask="a" denied_mask="a" name="/dev/tty" pid=4838 profile="/usr/sbin/cupsd" which means AppArmor is denying console access to cupsd, which could possibly cause cups to crash. A possible quick solution is to to run logprof > logprof /usr/sbin/cupsd which should prompt you to add the "a" permission for /dev/tty. Alternately you could also manual edit the profile it should be in "/etc/apparmor.d/usr.sbin.cupsd". You will need to add the line /dev/tty a, -- feisty crashes with an error of apparmor https://bugs.launchpad.net/bugs/165018 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 173709] Re: apparmor with klogd in enforce mode, causes kdm to fail during initial launch on Hardy Heron
You can either manually edit the klogd profile or use the profiling tool logprof. > logprof /sbin/klogd logprof should scan your log file and find the reject and then ask to add "r" permission for /proc/kallsyms, saying yes will allow this and then you can save and place the profile in enforce mode. Alternately if you hand edit the profile it is "/etc/apparmor.d/sbin.klogd", you will need to add the following rule /proc/kallsyms r, I am unsure why AppArmor stopping klogd from accessing /proc/kallsyms would cause KDM or other services to fail unless they are dependent on klogd. I am not very familiar with upstart so I can't say if this is the case at the moment. I will look into it and see what I can find. -- apparmor with klogd in enforce mode, causes kdm to fail during initial launch on Hardy Heron https://bugs.launchpad.net/bugs/173709 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 160238] Re: Corrupted AppArmor audit log messages
Okay thankyou, looking at the kmesg dump it would appear I need to look into the kernel auditing code more closely. As for not being able to start klogd, sorry about that I seemed to have edited my local profiles for testing long ago and had forgotten about making the changes. -- Corrupted AppArmor audit log messages https://bugs.launchpad.net/bugs/160238 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 160238] Re: Corrupted AppArmor audit log messages
If auditd is working for you, I wouldn't worry about it. If however you want to use syslog or just want to try debugging this I can walk you through it step by step. It really wouldn't be much more than copying and pasting some script lines and commenting others out. -- Corrupted AppArmor audit log messages https://bugs.launchpad.net/bugs/160238 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 160238] Re: Corrupted AppArmor audit log messages
okay the first thing I want you to try is removing the use of dd from the auditing chain open /etc/init.d/klogd in an editor (you need to be root), find the line that looks like this # shovel /proc/kmsg to pipe readable by klogd user start-stop-daemon --start --pidfile $kmsgpidfile --exec /bin/dd -b -m -- bs=1 if=/proc/kmsg of=$kmsgpipe and comment it out so it is now # shovel /proc/kmsg to pipe readable by klogd user #start-stop-daemon --start --pidfile $kmsgpidfile --exec /bin/dd -b -m -- bs=1 if=/proc/kmsg of=$kmsgpipe now find the line # start klogd as non-root with reading from kmsgpipe start-stop-daemon --start --quiet --chuid klog --exec $binpath -- $KLOGD and comment it out and replace it with the command shown below # start klogd as non-root with reading from kmsgpipe #start-stop-daemon --start --quiet --chuid klog --exec $binpath -- $KLOGD start-stop-daemon --start --quiet --exec $binpath -- /proc/kmsg save /etc/init.d/klogd then do > sudo /etc/init.d/klogd stop > sudo /etc/init.d/klogd start > ps aux | grep logd syslog6645 0.0 0.1 1912 728 ?Ss 01:34 0:00 /sbin/syslogd -u syslog root 6698 0.0 0.2 2496 1400 ?Ss 01:35 0:00 /sbin/klogd /proc/kmsg jj6959 0.0 0.1 2972 748 pts/0R+ 01:48 0:00 grep logd what you are looking for here is that dd isn't list, like above. Now you should be able to try and recreate the corrupted messages again. If the corrupt messages still happen, we can try dumping /proc/kmsg directly to a file bypassing klogd and syslog entirely. edit /etc/init.d/klogd again, restore the klogd command by deleting the command and removing the commenting so it looks like # start klogd as non-root with reading from kmsgpipe start-stop-daemon --start --quiet --chuid klog --exec $binpath -- $KLOGD now copy the dd command line and edit it so it looks like (the only part that is changed is of= at the end) # shovel /proc/kmsg to pipe readable by klogd user #start-stop-daemon --start --pidfile $kmsgpidfile --exec /bin/dd -b -m -- bs=1 if=/proc/kmsg of=$kmsgpipe start-stop-daemon --start --pidfile $kmsgpidfile --exec /bin/dd -b -m -- bs=1 if=/proc/kmsg of=/tmp/kmsg-dump save and then do > sudo /etc/init.d/klogd stop > sudo /etc/init.d/klogd start you can then try recreating the corrupted messages again. genprof will work but it won't find any messages, to see if the messages are corrupt you can look at the /tmp/kmsg-dump file. If they are still corrupt the bug is in the kernel, and I will have to take a closer look at the audit / printk interface. -- Corrupted AppArmor audit log messages https://bugs.launchpad.net/bugs/160238 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 160238] Re: Corrupted AppArmor audit log messages
your console log (near the end) shows that klogd is not running, which means none of the kernel messages will get logged. 21:06:01~>ps aux | grep logd syslog5093 0.1 0.0 1916 700 ?Ss 20:35 0:03 /sbin/syslogd -u syslog ubuntu8032 0.0 0.0 2976 768 pts/0R+ 21:06 0:00 grep logd when I do this I get [EMAIL PROTECTED]:~$ ps aux | grep logd syslog4117 0.0 0.1 1912 704 ?Ss 12:16 0:00 /sbin/syslogd -u syslog root 5968 0.4 0.2 2496 1392 ?Ss 12:23 0:00 /sbin/klogd /proc/kmsg jj5992 0.0 0.1 2972 748 pts/0R+ 12:23 0:00 grep logd Can you try restarting your /etc/init.d/klogd again? Perhaps even reboot with the edited initscript and see if klogd starts. If that doesn't work I would suggest reediting the file, the edit looks good but maybe it picked up a hidden character that isn't liked. -- Corrupted AppArmor audit log messages https://bugs.launchpad.net/bugs/160238 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 176301] Re: Should provide a flag to disable ptrace()/LD_PRELOAD
Both of those flags would be easy to implement, the question is it worth it? As Kees pointed out an unconfined user can easily circumvent policy attachment and thus the flags that AppArmor would be enforcing. There are four cases I can see this working in: - trusted start up of deamon, only worried about ptrace attack on it. In this case we need to be able to stop an unconfined user process from ptraceing the deamon - app launched by trusted process that relies mandates the application start from a fixed location (eg. /usr/bin/whatever) - app is launched by a wrapper script in a profile that enforces the launch location. - confine the user The 1st case is really being concerned about ptrace attacks from something that gets compromised after login. The 2nd and 3rd are ways of preventing something that is compromised from circumventing the protections. The last one is not trusting the user, and can be done quite well with the most recent version of apparmor (not in gutsy). In general I like the idea of adding some flags to facilitate this, how did you envision the flags being set up and what are some more specific use cases (examples). Basically I am looking for design cues, as deciding how to express it is going to be the hardest point of implementing it. -- Should provide a flag to disable ptrace()/LD_PRELOAD https://bugs.launchpad.net/bugs/176301 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202161] Re: apparmor broken after reboot on i386
This is a side effect of linux personalities. When booting on an ia32 machine hardy has the READ_IMPLIES_EXEC flag set in its personality. This causes an mmap for read permission to also ask for PROT_EXEC, which causes the extra 'm' request seen above. Ubuntu by default is mounting several things as nosuid which has the side effect of clearing the READ_IMPLIES_EXEC flag when a user logs in. This flag stays cleared even when the user sudo's, so starting the service from sudo is not asking for the extra 'm' permission. If you enable the root account and log directly into root and try to start the given services, you will see the same reject as at boot. There are several way to fix this: - just stick the 'm' permission in the AppArmor profiles. This is pretty much required for ia32 machines that don't support noexec in the mmu - set the personality at boot so that READ_IMPLIES_EXEC is cleared. - don't use the nosuid mount option -- apparmor broken after reboot on i386 https://bugs.launchpad.net/bugs/202161 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202161] Re: apparmor broken after reboot on i386
sorry, I jumped the gun slightly and mis read a mount line and a piece of code. The nosuid option does interact with this but is not whats causing the clearing of the personality. Execution of any setuid binary will cause the personality to get cleared, so using either su or sudo to switch from user to root clears the personality. The net effect is no different however in that on boot READ_IMPLIES_EXEC is set, so apparmor is being asked for the extra 'm' permission. The best solution at the moment if you want a single policy set for all x86 machines is to just include the 'm' permission. -- apparmor broken after reboot on i386 https://bugs.launchpad.net/bugs/202161 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 549428] Re: Triggers permanent high i/o load after upgrade
Yes, it is part of the apparmor-utils package so it isn't a required part of the default install, you will need to run it as root to be able to collect as much information as possible. All the information collected by aa-status is available manually (its just raw in a raw form) if you don't want to or can't install apparmor-utils. via. > sudo cat /sys/kernel/security/apparmor/profiles > sudo ps auxZ Another package you might consider installing is apparmor-notify which will give you gui notifications when apparmor is blocking access. If you do install it see man aa-notify for information on how to turn it on, as there is currently a bug where it isn't turned on by default when it is installed. -- Triggers permanent high i/o load after upgrade https://bugs.launchpad.net/bugs/549428 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 458299] Re: apparmor_parser: page allocation failure. order:5
there are a couple things going on here. The batch update recompiles the policy which is cpu intensive, more so as multiple profiles are being done in parallel. Once done, the compiled policy is cached in /etc/apparmor.d/cache/ We have discussed dropping the parallel compute part which would help reducing the load, and memory consumption to replicate the compile load do > sudo rm /etc/apparmor.d/cache/* > sudo /etc/init.d/apparmor reload The memory error message is simple bug where the __NO_WARN flag got missed on the fast path of a memory allocation, that falls back to a slower vmalloc when it fails. The perpetual effect being reported by Johan is another bug that I haven't been able to rule out as being related to this bug yet. -- apparmor_parser: page allocation failure. order:5 https://bugs.launchpad.net/bugs/458299 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 131976] Re: apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start
Nikolaus upstream does watch here and track bugs filed in launchpad. This particular issue arise due to the LSM not providing AppArmor sufficient information about access on stacked file systems. You can mostly work around the issue using the alias command can you try adding the following commands to your /etc/apparmor.d/tunables/alias file alias /rofs -> /, alias /cow -> /, -- apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start https://bugs.launchpad.net/bugs/131976 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 131976] Re: apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start
Nikolaus, did you restart apparmor after making the change? The profiles will have to be reloaded. > sudo /etc/init.d/apparmor restart if that doesn't work can you attach your profiles -- apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start https://bugs.launchpad.net/bugs/131976 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 131976] Re: apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start
Nikolaus, thanks, it looks like you have hit a bug in the alias command, I'll look into this and see if I can't get something for you to test in the next couple of days. -- apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start https://bugs.launchpad.net/bugs/131976 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 131976] Re: apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start
Right I messed up the alias order but there is still a bug in alias processing, that needs to be fixed before this will work. Basically setting alias /etc -> /rofs/etc, will result in rejections for accesses to /etc/ instead of /rofs/etc/ -- apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start https://bugs.launchpad.net/bugs/131976 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 367499] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
Matt, sounds like virtual box crashing some where around when it does its input grab, I have experienced virtual machines grabbing input and not returning before too, can you try to replicate and then from a terminal run apport-collect -p linux-image-`uname -r` 367499 it might be an idea to have the above command entered in the terminal in advance and just use the virtual keyboard to hit enter with the mouse. thanks -- BUG: unable to handle kernel NULL pointer dereference at 0010 https://bugs.launchpad.net/bugs/367499 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 367499] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
Matt, sounds like virtual box crashing some where around when it does its input grab, I have experienced virtual machines grabbing input and not returning before too, can you try to replicate and then from a terminal run apport-collect -p linux-image-`uname -r` 367499 it might be an idea to have the above command entered in the terminal in advance and just use the virtual keyboard to hit enter with the mouse. thanks -- BUG: unable to handle kernel NULL pointer dereference at 0010 https://bugs.launchpad.net/bugs/367499 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 501206] Re: xserver-xorg-input-wacom conflicts with xserver-xorg-core
Same conflict here with a tablet pc. The failure message from synaptic is: Could not mark all packages for installation or upgrade The following packages have unresolvable dependencies. Make sure that all required repositories are added and enabled in the preferences. xserver-xorg-input-wacom: Depends: xserver-xorgpcore but is not going to be installed -- xserver-xorg-input-wacom conflicts with xserver-xorg-core https://bugs.launchpad.net/bugs/501206 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 501206] Re: xserver-xorg-input-wacom conflicts with xserver-xorg-core
Make that xserver-xorg-core Which is installed. -- xserver-xorg-input-wacom conflicts with xserver-xorg-core https://bugs.launchpad.net/bugs/501206 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 503869] Re: multiple HOMEDIRS tunable entries can exponentially increase profile loading time
This bug has been isolated to the dfa and transition table generation in the apparmor_parser, the HOMEDIRS tunable triggered this by causing many extra states to be generated. The bug is not Atom specific but the Atom doesn't deal well with the current code doing the generation. There are a couple things that still need to be done to address this bug - dfa state minimization - improved dfa table packing -- multiple HOMEDIRS tunable entries can exponentially increase profile loading time https://bugs.launchpad.net/bugs/503869 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 451375] Re: apparmor disallows truncate of deleted file
The Lucid kernel add some flags to provide better control over this and other path behaviors and it looks like the flag for deleted file lookup isn't properly being applied. It will be fixed in the next update of AppArmor. -- apparmor disallows truncate of deleted file https://bugs.launchpad.net/bugs/451375 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 428692] Re: ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes
The Karmic proposed kernels have been tested on EC2. They boot and everything appears to be working correctly. -- ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes https://bugs.launchpad.net/bugs/428692 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 415632] Re: apparmor not properly handling file deletion on NFS
This is looking like a failure in AppArmor's path resolution ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) -- apparmor not properly handling file deletion on NFS https://bugs.launchpad.net/bugs/415632 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 487097] Re: aufs fchown() bug caused by apparmor
Laszlo, Have you seen a similar oops occur in Karmic? AppArmor no longer touches ATTR_FILE so if you are seeing similar behavior I am going to need an oops or something more tangible to examine. -- aufs fchown() bug caused by apparmor https://bugs.launchpad.net/bugs/487097 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 461830] Re: Wireless reports connection Bit Rate=0 kb/s
Yes I have now tested with the linux-backports-modules-wireless-karmic- generic and a fully updated karmic but the problem persists. Network manager now reports it as connect speed unknown and iwconfig as Bit Rate=0 kb/s. -- Wireless reports connection Bit Rate=0 kb/s https://bugs.launchpad.net/bugs/461830 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 487097] Re: aufs fchown() bug caused by apparmor
** Changed in: linux (Ubuntu Karmic) Status: In Progress => Invalid ** Changed in: linux (Ubuntu Lucid) Status: In Progress => Invalid -- aufs fchown() bug caused by apparmor https://bugs.launchpad.net/bugs/487097 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 365233] Re: Provide Ubuntu EC2 kernels with 1000Hz timer (for VOIP/Asterisk)
Just an update we have Karmic kernels now (see lp bug 418130), also the alpha6 ami when release should a karmic kernel set as the default. This should enable testing to proceed. -- Provide Ubuntu EC2 kernels with 1000Hz timer (for VOIP/Asterisk) https://bugs.launchpad.net/bugs/365233 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 361819] Re: Frequent random KVM host kernel OOPS
No I haven't been able to confirm it is a kernel issue yet, though I am planning on devoting some good time to this bug over the next couple days. -- Frequent random KVM host kernel OOPS https://bugs.launchpad.net/bugs/361819 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 398568] Re: ami-bbf514d2: Sometimes does not start booting (empty console output, no network)
Importance lowered as there is a function karmic kernel with the Xen patchset (lpn Bug #418130) that can be used. It is still desirable to fix this bug as using a pv-ops kernel is desirable in the long run. This bug is still blocked on obtaining further information from Amazon. -- ami-bbf514d2: Sometimes does not start booting (empty console output, no network) https://bugs.launchpad.net/bugs/398568 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 419505] Re: AppArmor generated includes files are not ignored by git
** Changed in: apparmor (Ubuntu) Status: In Progress => Fix Released -- AppArmor generated includes files are not ignored by git https://bugs.launchpad.net/bugs/419505 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 431103] Re: ssh host key fingerprint no longer available in the console log
While it appears there is some kernel interaction it isn't just a kernel issue. I did further testing and came up with some interesting results. ami | aki| ari | full boot | init message go to console fedora ami-2547a34c | fedora aki-b51cf9dc | fedora ari-b31cf9da | Yes | Yes ubuntu ami-1a658573 | fedora aki-b51cf9dc | fedora ari-b31cf9da | No | Yes ubuntu ami-1a658573 | aki-9c1efef5| ari-901efef9 | Yes | No fedora ami-2547a34c | aki-9c1efef5| ari-901efef9 | Yes | Yes A fedora userspace with the karmic kernel/initrd will boot and display init messages to the console. -- ssh host key fingerprint no longer available in the console log https://bugs.launchpad.net/bugs/431103 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 445818] Re: profile for usr.sbin.dnsmasq needs adjustment
Jeremy, Are you getting AppArmor rejects? They should show up in the output of dmesg. Can you run apport-collect -p apparmor 445818 -- profile for usr.sbin.dnsmasq needs adjustment https://bugs.launchpad.net/bugs/445818 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562047] [NEW] AppArmor sid wraps causing learning profile names to collide
Public bug reported: The global sid type was not properly updated when the sid was transitioned from a u16:u16 pair of global and user sid to a single u32 sid. This causes the sid to wrap, this won't cause problems for mediation, but could conceivably cause problems for an extremely long lived learning session where profile are frequently replaced. ** Affects: linux (Ubuntu) Importance: Undecided Assignee: John Johansen (jjohansen) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: New => In Progress -- AppArmor sid wraps causing learning profile names to collide https://bugs.launchpad.net/bugs/562047 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562044] [NEW] AppArmor causes hard lock when free vmalloced memory in interrupt context
Public bug reported: AppArmor will cause a hard lockup due to calling vfree in interrupt context, backtrace attached below ** Affects: linux (Ubuntu) Importance: Undecided Assignee: John Johansen (jjohansen) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: New => In Progress -- AppArmor causes hard lock when free vmalloced memory in interrupt context https://bugs.launchpad.net/bugs/562044 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562044] Re: AppArmor causes hard lock when free vmalloced memory in interrupt context
[ 80.250147] [ cut here ] [ 80.251233] kernel BUG at /home/jj/ubuntu/lucid/ubuntu-lucid/mm/vmalloc.c:1406! [ 80.252769] invalid opcode: [#1] SMP [ 80.253702] last sysfs file: /sys/devices/pci:00/:00:04.0/class [ 80.255107] CPU 0 [ 80.29] Modules linked in: binfmt_misc ppdev lp parport fbcon tileblit font bitblit softcursor psmouse serio_raw vga16fb vgastate i2c_piix4 virtio_blk virtio_net floppy virtio_pci virtio_ring virtio [ 80.259814] Pid: 671, comm: Xorg Not tainted 2.6.32-20-generic #30 Bochs [ 80.260019] RIP: 0010:[] [] vfree+0x2c/0x30 [ 80.260019] RSP: 0018:880001c03d50 EFLAGS: 00010206 [ 80.260019] RAX: 0100 RBX: RCX: 817af230 [ 80.260019] RDX: 0020e000 RSI: 8127df30 RDI: c920e000 [ 80.260019] RBP: 880001c03d50 R08: R09: [ 80.260019] R10: R11: 0001 R12: 88001cc2b540 [ 80.260019] R13: 88001f8c5840 R14: 88001f8c5840 R15: 880001c10610 [ 80.260019] FS: 7f919246c700() GS:880001c0() knlGS: [ 80.260019] CS: 0010 DS: ES: CR0: 8005003b [ 80.260019] CR2: 7f0a62c7 CR3: 1085a000 CR4: 06f0 [ 80.260019] DR0: DR1: DR2: [ 80.260019] DR3: DR6: 0ff0 DR7: 0400 [ 80.260019] Process Xorg (pid: 671, threadinfo 880011db, task 8800127a44d0) [ 80.260019] Stack: [ 80.260019] 880001c03d60 8127dd15 880001c03d80 8127df0a [ 80.260019] <0> 88001cc2b540 8127df30 880001c03d90 8127df3e [ 80.260019] <0> 880001c03db0 812b45d7 880012425800 81280e80 [ 80.260019] Call Trace: [ 80.260019] [ 80.260019] [] free_table+0x45/0x50 [ 80.260019] [] aa_dfa_free+0x2a/0x50 [ 80.260019] [] ? aa_dfa_free_kref+0x0/0x10 [ 80.260019] [] aa_dfa_free_kref+0xe/0x10 [ 80.260019] [] kref_put+0x37/0x70 [ 80.260019] [] ? aa_free_profile_kref+0x0/0x20 [ 80.260019] [] aa_free_profile+0xaa/0x130 [ 80.260019] [] aa_free_profile_kref+0x12/0x20 [ 80.260019] [] kref_put+0x37/0x70 [ 80.260019] [] aa_free_task_context+0x2e/0x70 [ 80.260019] [] apparmor_cred_free+0x1a/0x30 [ 80.260019] [] security_cred_free+0x16/0x20 [ 80.260019] [] put_cred_rcu+0x26/0xb0 [ 80.260019] [] __rcu_process_callbacks+0x10d/0x340 [ 80.260019] [] ? kvm_clock_read+0x21/0x30 [ 80.260019] [] rcu_process_callbacks+0x2b/0x50 [ 80.260019] [] __do_softirq+0xb7/0x1e0 [ 80.260019] [] ? tick_program_event+0x2a/0x30 [ 80.260019] [] call_softirq+0x1c/0x30 [ 80.260019] [] do_softirq+0x65/0xa0 [ 80.260019] [] irq_exit+0x85/0x90 [ 80.260019] [] smp_apic_timer_interrupt+0x71/0x9c [ 80.260019] [] apic_timer_interrupt+0x13/0x20 [ 80.260019] [ 80.260019] [] ? do_select+0x33a/0x6d0 [ 80.260019] [] ? do_select+0x32e/0x6d0 [ 80.260019] [] ? __pollwait+0x0/0xf0 [ 80.260019] [] ? __wake_up_sync_key+0x5e/0x80 [ 80.260019] [] ? sock_def_readable+0x44/0x80 [ 80.260019] [] ? unix_stream_sendmsg+0x21a/0x3e0 [ 80.260019] [] ? pollwake+0x0/0x60 [ 80.260019] [] ? sock_aio_write+0x13c/0x150 [ 80.260019] [] ? sock_aio_write+0x0/0x150 [ 80.260019] [] ? do_sync_readv_writev+0xfb/0x140 [ 80.260019] [] ? core_sys_select+0x18a/0x2c0 [ 80.260019] [] ? autoremove_wake_function+0x0/0x40 [ 80.260019] [] ? pvclock_clocksource_read+0x4f/0x90 [ 80.260019] [] ? __switch_to_xtra+0x160/0x1e0 [ 80.260019] [] ? default_spin_lock_flags+0x9/0x10 [ 80.260019] [] ? _spin_lock_irqsave+0x2f/0x40 [ 80.260019] [] ? __remove_hrtimer+0x3b/0xb0 [ 80.260019] [] ? lock_hrtimer_base+0x31/0x60 [ 80.260019] [] ? pvclock_clocksource_read+0x4f/0x90 [ 80.260019] [] ? sys_select+0x47/0x110 [ 80.260019] [] ? system_call_fastpath+0x16/0x1b [ 80.260019] Code: 48 89 e5 0f 1f 44 00 00 65 48 8b 04 25 c8 cb 00 00 48 63 80 44 e0 ff ff a9 00 ff ff 07 75 0c be 01 00 00 00 e8 76 fe ff ff c9 c3 <0f> 0b eb fe 55 48 89 e5 0f 1f 44 00 00 48 85 ff 74 37 48 b8 ff [ 80.260019] RIP [] vfree+0x2c/0x30 [ 80.260019] RSP [ 80.347689] ---[ end trace eb670d10528807ab ]--- [ 80.348621] Kernel panic - not syncing: Fatal exception in interrupt [ 80.349886] Pid: 671, comm: Xorg Tainted: G D2.6.32-20-generic #30 [ 80.351320] Call Trace: [ 80.351832][] panic+0x78/0x137 [ 80.352979] [] oops_end+0xea/0xf0 [ 80.353993] [] die+0x5b/0x90 [ 80.354924] [] do_trap+0xc4/0x170 [ 80.355915] [] do_invalid_op+0x95/0xb0 [ 80.357010] [] ? vfree+0x2c/0x30 [ 80.358021] [] ? ip_local_deliver_finish+0xdd/0x2d0 [ 80.359317] [] invalid_op+0x1b/0x20 [ 80.360399] [] ? aa_dfa_free_kref+0x0/0x10 [ 80.361530] [] ? vfree+0x2c/0x30 [ 80.362531] [] free_table+0x45/0x50 [ 80.363576] [] aa_dfa_free+0x2a/0x50 [ 80.
[Bug 549428] Re: Triggers permanent high i/o load after upgrade
** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: apparmor (Ubuntu) Status: Incomplete => In Progress -- Triggers permanent high i/o load after upgrade https://bugs.launchpad.net/bugs/549428 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 529288] Re: "Kernel Oops" - unable to handle kernel paging request at ffff880323279bf2 RIP is at aa_dfa_match_len+0xd9/0xf0
** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: Incomplete => In Progress -- "Kernel Oops" - unable to handle kernel paging request at 880323279bf2 RIP is at aa_dfa_match_len+0xd9/0xf0 https://bugs.launchpad.net/bugs/529288 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 367499] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
** Changed in: linux (Ubuntu) Status: Incomplete => In Progress -- BUG: unable to handle kernel NULL pointer dereference at 0010 https://bugs.launchpad.net/bugs/367499 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562052] [NEW] AppArmor leaks children profiles when parent is removed first
Public bug reported: When a profile containing children profiles or hats is removed before its children are (what is done by the apparmor_parser and initscripts). Then the children profiles are removed from availability but the memory associated with them is leaked and never freed. ** Affects: linux (Ubuntu) Importance: Undecided Assignee: John Johansen (jjohansen) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: New => In Progress -- AppArmor leaks children profiles when parent is removed first https://bugs.launchpad.net/bugs/562052 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562060] [NEW] AppArmor has type-o in log message reporting scrubbing of environment variables
Public bug reported: The debug warning of scrubbing the environment variables is used by userspace to detect when exec and permission failures may be caused by environment variable scrubbing like when firefox execs java as in bug http://bugs.launchpad.net/bugs/484148. Having it mispelled makes it difficult to grep for in the logs. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- AppArmor has type-o in log message reporting scrubbing of environment variables https://bugs.launchpad.net/bugs/562060 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562056] [NEW] AppArmor fails to mediate deleted files
Public bug reported: The default behavior for AppArmor used to be to mediate deleted files. This can now be controlled on a per profile basis but the field is not defaulting to the correct value when path_flags is not specified. This is causing regressions in profiles expecting deleted files to be mediated by path instead of delegated. ** Affects: linux (Ubuntu) Importance: Undecided Assignee: John Johansen (jjohansen) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: New => In Progress -- AppArmor fails to mediate deleted files https://bugs.launchpad.net/bugs/562056 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562063] [NEW] AppArmor can cause oops due to refcount error when exec fails
Public bug reported: The error case for ptrace permission on exec missed putting the new_profile, fix this ommission and consolidate the error cases to a single point. ** Affects: linux (Ubuntu) Importance: Undecided Assignee: John Johansen (jjohansen) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: New => In Progress -- AppArmor can cause oops due to refcount error when exec fails https://bugs.launchpad.net/bugs/562063 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 562064] [NEW] AppArmor can cause oops due to refcount error when profile load fails
Public bug reported: If the call to aa_unpack in aa_interface_replace_profiles fails, it jumps to the end of the function which performs a put_namespace on the unassigned ns variable. OriginalLocation: git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparm$ commit: cd5e6716a74226b5013f2467bf3ed6df394a6495 ** Affects: linux (Ubuntu) Importance: Undecided Assignee: John Johansen (jjohansen) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu) Status: New => In Progress -- AppArmor can cause oops due to refcount error when profile load fails https://bugs.launchpad.net/bugs/562064 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 453681] Re: BUG: unable to handle kernel NULL pointer dereference at (null)
Vadim, have you seen this again with update Karmic kernels? ** Changed in: linux (Ubuntu) Status: New => Incomplete -- BUG: unable to handle kernel NULL pointer dereference at (null) https://bugs.launchpad.net/bugs/453681 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 552225] Re: system bogs down when apparmor is running
Martin, can you elaborate on how this helps, where you notice it, etc. Also can you reboot with AppArmor enabled and rerun aa-status and attach its output along with the the kern.log again. Also can you try, making symlinks in /etc/apparmor.d/disable/ to the /usr/sbin/mysqld and /usr/bin/evince profiles in the /etc/apparmor.d/ directory. This will disable those profiles by default. After doing this I suggest a clean reboot to test if this has any affect. -- system bogs down when apparmor is running https://bugs.launchpad.net/bugs/552225 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 565172] Re: BUG: unable to handle kernel paging request at f76ff01c
crazybyte, can you try this with the latest 2.6.32-21 Lucid kernel (yes I know the report is against Karmic kernel). There have been several fixes there and that will help narrow this down. You can install the Lucid kernel package without upgrading to Lucid and be able to dual boot between the Karmic and Lucid kernels if this is a concern. -- BUG: unable to handle kernel paging request at f76ff01c https://bugs.launchpad.net/bugs/565172 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 565172] Re: BUG: unable to handle kernel paging request at f76ff01c
crazybyte, Hrmm okay thanks for the information, but we still need to try to isolate this. First up have you checked to see if there is an updated bios for your machine and have you tried running memtest for an extended period on your machine? I would very much like for you to try the latest kernel it has several oops fixes in it. If you can it would be worth trying with several different flags (if the kernel doesn't work out for you). first would be apparmor=0 this will ensure it is turned off from boot so we can completely rule it out as the problem the it would be good to try with the noapic option and see the what affect that has as it has helped your machine on your machine in the past. -- BUG: unable to handle kernel paging request at f76ff01c https://bugs.launchpad.net/bugs/565172 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 565172] Re: BUG: unable to handle kernel paging request at f76ff01c
crazybyte, Alright well I think you can start booting theLucid kernel with out the extra boot parameters. Some bioses are just broken when it comes to suspend/resume but there are sometimes workarounds for them. Have a look at https://wiki.ubuntu.com/DebuggingKernelSuspendHibernateResume Basically we (well you really, I can only follow along and make suggestions) can step through this gradually and try to figure out what is failing, and see if we can get a set of parameters that will work for your laptop. -- BUG: unable to handle kernel paging request at f76ff01c https://bugs.launchpad.net/bugs/565172 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 552225] Re: system bogs down when apparmor is running
Martin, can you try booting with apparmor=0 as a kernel parameter at boot. This will completely disable AppArmor so that it never initializes. -- system bogs down when apparmor is running https://bugs.launchpad.net/bugs/552225 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 527208] Re: ec2 instance fails boot, no console output on c1.xlarge
The cause of this wasn't found in time for beta1 deadline. It is being worked on and will happen post beta1. ** Changed in: linux-ec2 (Ubuntu Lucid) Milestone: ubuntu-10.04-beta-1 => ubuntu-10.04-beta-2 -- ec2 instance fails boot, no console output on c1.xlarge https://bugs.launchpad.net/bugs/527208 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 574910] Re: High load averages on Lucid EC2 while idling
I have been able to replicate this, and actually watch the load averages fluctuate on an idle system. I have begun investigating and hope to have a solution soon. ** Changed in: linux-ec2 (Ubuntu) Status: New => Confirmed ** Changed in: linux-ec2 (Ubuntu) Status: Confirmed => In Progress ** Changed in: linux-ec2 (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) -- High load averages on Lucid EC2 while idling https://bugs.launchpad.net/bugs/574910 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 462824] Re: apparmor fails to log change_hat transitions
The proposed package was tested and works as expected. -- apparmor fails to log change_hat transitions https://bugs.launchpad.net/bugs/462824 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 462824] Re: apparmor fails to log change_hat transitions
** Changed in: apparmor (Ubuntu Karmic) Status: New => Fix Committed ** Changed in: apparmor (Ubuntu Lucid) Status: Fix Committed => Fix Released -- apparmor fails to log change_hat transitions https://bugs.launchpad.net/bugs/462824 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 131976] Re: apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start
** Changed in: apparmor (Ubuntu) Status: Confirmed => Fix Released -- apparmor doesn't work on stacked file system (livecd) -- DHCP/cups/others fail to start https://bugs.launchpad.net/bugs/131976 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 544764] Re: unkillable apparmor_parser
Lamont, how long did you let it run for before trying to kill it, and what are the machine specs (so I can make a guess at how long it should have been computing for)? Did you check the apparmor_parser's reported state and if so what was it? -- unkillable apparmor_parser https://bugs.launchpad.net/bugs/544764 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 527208] Re: ec2 instance fails boot, no console output on c1.xlarge
If you have been affected by this bug, please try the following test kernel. aki-5b658a32 ari-5d658a34 -- ec2 instance fails boot, no console output on c1.xlarge https://bugs.launchpad.net/bugs/527208 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 458299] Re: apparmor_parser: page allocation failure. order:5
Johan, When package postinst replaces a profile there is a period where it goes through recompiling the policy that takes a lot of cpu and memory. How long the process takes depends on your processor and exact policy being recompiled but on slower processors this can take a minute or so, and can consume 100 MB while doing so. Did the compilation process eventually complete for you or did truly enter an infinite loop and never complete. Also would it be possible to attach your kernel message log. -- apparmor_parser: page allocation failure. order:5 https://bugs.launchpad.net/bugs/458299 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 458299] Re: apparmor_parser: page allocation failure. order:5
Johan, never mind I missed it below DarkNova's comment, thanks. -- apparmor_parser: page allocation failure. order:5 https://bugs.launchpad.net/bugs/458299 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 458299] Re: apparmor_parser: page allocation failure. order:5
DarkNova, Can you attach your kernel message log (/var/log/kern.log), or out put of dmesg? -- apparmor_parser: page allocation failure. order:5 https://bugs.launchpad.net/bugs/458299 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 549428] Re: Triggers permanent high i/o load after upgrade
Loïc, are you using auditd? If so can you attach output for /var/log/audit/audit.log Also if you run into this again can you attach the output of aa_status. -- Triggers permanent high i/o load after upgrade https://bugs.launchpad.net/bugs/549428 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 496110] Re: AppArmor oops when loading an empty profile
** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) -- AppArmor oops when loading an empty profile https://bugs.launchpad.net/bugs/496110 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 517714] Re: [Lucid] Error starting domain: could not remove profile
Dustin, can you attach the dmesg from immediately after this happens -- [Lucid] Error starting domain: could not remove profile https://bugs.launchpad.net/bugs/517714 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 502442] Re: apparmor crashing apache when removing/changing hats
I haven't been able to reproduce this, and believe the commit mentioned above was likely the fix so moving to incomplete. ** Changed in: linux (Ubuntu) Status: Triaged => Incomplete -- apparmor crashing apache when removing/changing hats https://bugs.launchpad.net/bugs/502442 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
