[Touch-packages] [Bug 2046624] Re: apparmor breaks surfshark vpn

Sat, 16 Dec 2023 12:25:28 -0800 

With apparmor

   *grep 'network' /etc/apparmor.d/ab*/*
/etc/apparmor.d/abi/3.0:network {af_unix {yes
/etc/apparmor.d/abi/3.0:network_v8 {af_mask {unspec unix inet ax25 ipx 
appletalk netrom bridge atmpvc x25 inet6 rose netbeui security key netlink 
packet ash econet atmsvc rds sna irda pppox wanpipe llc ib mpls can tipc 
bluetooth iucv rxrpc isdn phonet ieee802154 caif alg nfc vsock kcm qipcrtr smc 
xdp
/etc/apparmor.d/abi/4.0:network {af_mask {unspec unix inet ax25 ipx appletalk 
netrom bridge atmpvc x25 inet6 rose netbeui security key netlink packet ash 
econet atmsvc rds sna irda pppox wanpipe llc ib mpls can tipc bluetooth iucv 
rxrpc isdn phonet ieee802154 caif alg nfc vsock kcm qipcrtr smc xdp mctp
/etc/apparmor.d/abi/4.0:network_v8 {af_mask {unspec unix inet ax25 ipx 
appletalk netrom bridge atmpvc x25 inet6 rose netbeui security key netlink 
packet ash econet atmsvc rds sna irda pppox wanpipe llc ib mpls can tipc 
bluetooth iucv rxrpc isdn phonet ieee802154 caif alg nfc vsock kcm qipcrtr smc 
xdp mctp
/etc/apparmor.d/abi/kernel-5.4-outoftree-network:network {af_unix {yes
/etc/apparmor.d/abstractions/apache2-common:  network inet stream,
/etc/apparmor.d/abstractions/apache2-common:  network inet6 stream,
grep: /etc/apparmor.d/abstractions/apparmor_api: Is a directory
grep: /etc/apparmor.d/abstractions/base.d: Is a directory
/etc/apparmor.d/abstractions/dbus-network-manager-strict:  include if exists 
<abstractions/dbus-network-manager-strict.d>
/etc/apparmor.d/abstractions/kde-open5:  include 
<abstractions/dbus-network-manager-strict>
/etc/apparmor.d/abstractions/libvirt-qemu:  network inet stream,
/etc/apparmor.d/abstractions/libvirt-qemu:  network inet6 stream,
/etc/apparmor.d/abstractions/libvirt-qemu:  # support for passt network back-end
/etc/apparmor.d/abstractions/nameservice:  # to vast speed increases when 
working with network-based lookups.
/etc/apparmor.d/abstractions/nameservice:  # TCP/UDP network access
/etc/apparmor.d/abstractions/nameservice:  network inet  stream,
/etc/apparmor.d/abstractions/nameservice:  network inet6 stream,
/etc/apparmor.d/abstractions/nameservice:  network inet  dgram,
/etc/apparmor.d/abstractions/nameservice:  network inet6 dgram,
/etc/apparmor.d/abstractions/nameservice:  network netlink raw,
grep: /etc/apparmor.d/abstractions/ubuntu-browsers.d: Is a directory
/etc/apparmor.d/abstractions/ubuntu-helpers:  # Allow all networking
/etc/apparmor.d/abstractions/ubuntu-helpers:  network inet,
/etc/apparmor.d/abstractions/ubuntu-helpers:  network inet6,

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2046624

Title:
  apparmor breaks surfshark vpn

Status in apparmor package in Ubuntu:
  New

Bug description:
  with the new   apparmor Candidate: 4.0.0~alpha2-0ubuntu7
  Breaks my VPN

     *surfshark
  [33104:1216/072144.904027:FATAL:credentials.cc(127)] Check failed: . : 
Permission denied (13)
  Trace/breakpoint trap

  It will work with --no-sandbox "surfshark --no-sandbox" not ideal.
  I removed apparmor for proof
    
  *apt policy apparmor
  apparmor:
    Installed: (none)
    Candidate: 4.0.0~alpha2-0ubuntu7
    Version table:
       4.0.0~alpha2-0ubuntu7 500
          500 http://us.archive.ubuntu.com/ubuntu noble/main amd64 Packages
  Now my VPN works as expected, spent 2 hrs this morning with surfshark 
support, they will get back to me in a day or two, but they can't find anything 
wrong on their end.

  So far it points to apparmor

  ProblemType: Bug
  DistroRelease: Ubuntu 24.04
  Package: apparmor (not installed)
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia zfs
  ApportVersion: 2.27.0-0ubuntu6
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: XFCE
  Date: Sat Dec 16 10:40:00 2023
  InstallationDate: Installed on 2023-12-10 (6 days ago)
  InstallationMedia: Xubuntu 24.04 "Noble Numbat" - Daily amd64 (20231127)
  SourcePackage: apparmor
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.default.apport:
   # set this to 0 to disable apport, or to 1 to enable it
   # you can temporarily override this with
   # sudo service apport start force_start=1
   enabled=0
  mtime.conffile..etc.default.apport: 2023-12-12T09:43:48.905263

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046624/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to