Public bug reported:
This concerns apparmor-profiles 2.13.3-7ubuntu5 in Ubuntu focal.
I use the usr.sbin.nscd profile in enforce mode, and am seeing the
following messages in /var/log/syslog . I don't know if the SIGABRT is
related:
May 27 04:39:56 test-ubuntu64 kernel: [ 199.392521] audit: type=1400
audit(1590568796.975:76): apparmor="DENIED" operation="bind" profile="nscd"
pid=1679 comm="nscd" family="unix" sock_type="dgram" protocol=0
requested_mask="bind" denied_mask="bind"
addr="@userdb-4a5d3fdcfb9afbd7fc75948800519358"
May 27 04:40:17 test-ubuntu64 systemd[1]: nscd.service: Main process exited,
code=killed, status=6/ABRT
May 27 04:40:17 test-ubuntu64 systemd[1]: nscd.service: Failed with result
'signal'.
May 27 04:40:17 test-ubuntu64 systemd[1]: nscd.service: Scheduled restart job,
restart counter is at 9.
The @userdb-* binding looks like a systemd thing. Should a rule for this go
into /etc/apparmor.d/abstractions/nameservice ?
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Tags: focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1880841
Title:
usr.sbin.nscd needs unix socket access to @userdb-*
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1880841/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
