[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
I'm not clear on what the issue with mailman is but if removing the LimitUIDRange option from your Apache config solves it then it's probably expected behaviour when calling a setuid root executable (Exim?). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
We are also seeing the problem with mailman. I would appreciate it if someone could provide a workaround. Or perhaps a hint of where to look for the code that needs fixing. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
** Tags added: aa-kernel -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
** Changed in: apparmor Importance: Undecided = Medium ** Changed in: apparmor Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
** Changed in: mailman (Ubuntu) Status: Confirmed = Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: mailman (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
Note that the 'Operation not permitted' error in the original demonstration is desired behaviour- when this does /not/ happen the seccomp filter is not working as intended. It's not clear to me what problem you're see'ing but it /could/ be an affect of the seccomp filter in mpm-itk (governed by the LimitUIDRange setting) if for instance mailman is trying to run Exim which is setuid root. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1349433] Re: AppArmor breaks seccomp @ Apache mpm-itk
I add mailman, as I think this issue affects mailman's python scripts when running with apache-mpm-itk. Running any of the python's scripts on a site protected with apache-mpm- itk gives a Operation not permitted error ** Also affects: mailman (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mailman in Ubuntu. https://bugs.launchpad.net/bugs/1349433 Title: AppArmor breaks seccomp @ Apache mpm-itk To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1349433/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs