This bug was fixed in the package apparmor - 2.10-3ubuntu2
---
apparmor (2.10-3ubuntu2) xenial; urgency=medium
* debian/patches/parser-allow-unspec-in-network-rules.patch: Allow
apparmor_parser to support rules that use 'unspec' as the network protocol
family. (LP:
apparmor was already uploaded:
https://launchpad.net/ubuntu/+source/apparmor/2.10-3ubuntu2
Unsubscribing sponsors.
** Changed in: apparmor (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Changed in: apparmor (Ubuntu)
Importance: Undecided => Medium
** Changed in: ntp (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1546455
The attachment "apparmor_2.10-3ubuntu2.debdiff" seems to be a debdiff.
The ubuntu-sponsors team has been subscribed to the bug report so that
they can review and hopefully sponsor the debdiff. If the attachment
isn't a patch, please remove the "patch" flag from the attachment,
remove the "patch"
Committed upstream: https://bazaar.launchpad.net/~apparmor-
dev/apparmor/master/revision/3375
** Also affects: apparmor
Importance: Undecided
Status: New
** Changed in: apparmor
Importance: Undecided => Medium
** Changed in: apparmor
Status: New => Fix Committed
** Changed
Passed QRT's test-apparmor.py in an Xenial amd64 VM.
** Patch added: "apparmor_2.10-3ubuntu2.debdiff"
https://bugs.launchpad.net/apparmor/+bug/1546455/+attachment/4574878/+files/apparmor_2.10-3ubuntu2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server
** Branch linked: lp:apparmor
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1546455
Title:
Many instances of 'apparmor="DENIED" operation="create"
profile="/usr/sbin/ntpd" pid=15139
Patch sent to the list:
https://lists.ubuntu.com/archives/apparmor/2016-February/009328.html
** Changed in: apparmor (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
AF_UNSPEC is used in calls to getaddrinfo(3) to request either ipv4 or
ipv6 addresses. In the parser, we've been filtering out AF_UNSPEC as an
option. It's a simple enough patch to enable it:
Index: b/common/Make.rules
===
---
** Changed in: ntp (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1546455
Title:
Many instances of 'apparmor="DENIED"
I'm going to upload a fix for ntp, but there is an apparmor bug that is
preventing it from working, so adding an apparmor task.
** Changed in: ntp (Ubuntu)
Assignee: Kick In (kick-d) => Jamie Strandboge (jdstrand)
** Changed in: ntp (Ubuntu)
Status: Confirmed => In Progress
** Also
I see that ntp is now using AF_UNSPEC in a number of places. I tried the
following rules:
# ntp uses AF_INET, AF_INET6 and AF_UNSPEC
network dgram,
network stream,
which should fix it, but still get denials. I then tried all of the following:
network udp,
network tcp,
network dgram,
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: ntp (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1546455
** Changed in: ntp (Ubuntu)
Assignee: (unassigned) => Kick In (kick-d)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1546455
Title:
Many instances of 'apparmor="DENIED"
14 matches
Mail list logo