[Touch-packages] [Bug 1518663] Re: Disconnected path errors

Tue, 17 Dec 2019 11:46:30 -0800 

Ultimately this is a kernel issue and the limitations it puts on
apparmor for tracking files with disconnected paths. There isn't
anything that the apparmor package or abstractions can do to help with
this, but people can update their profiles to use
flags=(attach_disconnected), as mentioned. For profiles shipped in
Ubuntu packages that do not use this flag but are seeing disconnected
path denials, please file new bugs and we'll adjust those profiles
accordingly. For lack of a better bug status, marking as Won't Fix.

** Changed in: apparmor (Ubuntu)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1518663

Title:
  Disconnected path errors

Status in apparmor package in Ubuntu:
  Won't Fix

Bug description:
  The first error is that the audit message (notice the path):

  type=AVC msg=audit(1448143203.902:359992): apparmor="DENIED"
  operation="file_mmap" info="Failed name lookup - disconnected path"
  error=-13 profile="/usr/sbin/openvpn" name="run/nscd/dbfQMsBd"
  pid=25814 comm="openvpn" requested_mask="r" denied_mask="r" fsuid=0
  ouid=0

  appears in the audit log. The second is that aa-logprof throws an
  exception on reading it:

  Traceback (most recent call last):
    File "/usr/sbin/aa-logprof", line 54, in <module>
      apparmor.do_logprof_pass(logmark)
    File "/usr/lib/python3.4/site-packages/apparmor/aa.py", line 2289, in 
do_logprof_pass
      ask_the_questions()
    File "/usr/lib/python3.4/site-packages/apparmor/aa.py", line 1762, in 
ask_the_questions
      severity = sev_db.rank(path, mode_to_str(mode))
    File "/usr/lib/python3.4/site-packages/apparmor/severity.py", line 141, in 
rank
      raise AppArmorException("Unexpected rank input: %s" % resource)
  apparmor.common.AppArmorException: 'Unexpected rank input: run/nscd/dbfQMsBd'

  I've been having this problem for several years.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1518663/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to