aa-status
apparmor module is loaded.
100 profiles are loaded.
31 profiles are in enforce mode.
/usr/bin/man
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/NetworkManager/nm-dhcp-helper
/usr/lib/connman/scripts/dhclient-script
/usr/lib/cups/backend/cups-pdf
/usr/lib/lightdm/lightdm-guest-session
/usr/lib/lightdm/lightdm-guest-session//chromium
/usr/sbin/cups-browsed
/usr/sbin/cupsd
/usr/sbin/cupsd//third_party
/{,usr/}sbin/dhclient
firefox
firefox//browser_java
firefox//browser_openjdk
firefox//lsb_release
firefox//sanitized_helper
firejail-default
libreoffice-senddoc
libreoffice-soffice//gpg
libreoffice-xpdfimport
libvirtd
libvirtd//qemu_bridge_helper
lsb_release
man_filter
man_groff
nvidia_modprobe
nvidia_modprobe//kmod
rsyslogd
swtpm
tcpdump
virt-aa-helper
2 profiles are in complain mode.
libreoffice-oosplash
libreoffice-soffice
0 profiles are in prompt mode.
0 profiles are in kill mode.
67 profiles are in unconfined mode.
/bin/toybox
/opt/brave.com/brave/brave
/opt/google/chrome/chrome
/opt/microsoft/msedge/msedge
/opt/vivaldi/vivaldi-bin
/usr/bin/buildah
/usr/bin/busybox
/usr/bin/cam
/usr/bin/ch-checkns
/usr/bin/ch-run
/usr/bin/crun
/usr/bin/flatpak
/usr/bin/ipa_verify
/usr/bin/lc-compliance
/usr/bin/libcamerify
/usr/bin/lxc-attach
/usr/bin/lxc-create
/usr/bin/lxc-destroy
/usr/bin/lxc-execute
/usr/bin/lxc-stop
/usr/bin/lxc-unshare
/usr/bin/lxc-usernsexec
/usr/bin/mmdebstrap
/usr/bin/podman
/usr/bin/qcam
/usr/bin/rootlesskit
/usr/bin/rpm
/usr/bin/sbuild
/usr/bin/sbuild-abort
/usr/bin/sbuild-apt
/usr/bin/sbuild-checkpackages
/usr/bin/sbuild-clean
/usr/bin/sbuild-createchroot
/usr/bin/sbuild-distupgrade
/usr/bin/sbuild-hold
/usr/bin/sbuild-shell
/usr/bin/sbuild-unhold
/usr/bin/sbuild-update
/usr/bin/sbuild-upgrade
/usr/bin/slirp4netns
/usr/bin/stress-ng
/usr/bin/thunderbird
/usr/bin/trinity
/usr/bin/tup
/usr/bin/userbindmount
/usr/bin/uwsgi-core
/usr/bin/vdens
/usr/bin/vpnns
/usr/lib/*-linux-gnu*/qt5/libexec/QtWebEngineProcess
/usr/lib/qt6/libexec/QtWebEngineProcess
/usr/libexec/*-linux-gnu*/bazel/linux-sandbox
/usr/libexec/virtiofsd
/usr/sbin/runc
/usr/sbin/sbuild-adduser
/usr/sbin/sbuild-destroychroot
1password
Discord
MongoDB Compass
code
github-desktop
obsidian
opera
polypane
signal-desktop
slack
steam
wpcom
2 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are in prompt mode.
0 processes are in kill mode.
2 processes are unconfined but have a profile defined.
/usr/sbin/cups-browsed (2749)
/usr/sbin/cupsd (1929)
0 processes are in mixed mode.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2046624
Title:
apparmor breaks surfshark vpn
Status in apparmor package in Ubuntu:
New
Bug description:
with the new apparmor Candidate: 4.0.0~alpha2-0ubuntu7
Breaks my VPN
*surfshark
[33104:1216/072144.904027:FATAL:credentials.cc(127)] Check failed: . :
Permission denied (13)
Trace/breakpoint trap
It will work with --no-sandbox "surfshark --no-sandbox" not ideal.
I removed apparmor for proof
*apt policy apparmor
apparmor:
Installed: (none)
Candidate: 4.0.0~alpha2-0ubuntu7
Version table:
4.0.0~alpha2-0ubuntu7 500
500 http://us.archive.ubuntu.com/ubuntu noble/main amd64 Packages
Now my VPN works as expected, spent 2 hrs this morning with surfshark
support, they will get back to me in a day or two, but they can't find anything
wrong on their end.
So far it points to apparmor
ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: apparmor (not installed)
ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
Uname: Linux 6.5.0-9-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia zfs
ApportVersion: 2.27.0-0ubuntu6
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: XFCE
Date: Sat Dec 16 10:40:00 2023
InstallationDate: Installed on 2023-12-10 (6 days ago)
InstallationMedia: Xubuntu 24.04 "Noble Numbat" - Daily amd64 (20231127)
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.default.apport:
# set this to 0 to disable apport, or to 1 to enable it
# you can temporarily override this with
# sudo service apport start force_start=1
enabled=0
mtime.conffile..etc.default.apport: 2023-12-12T09:43:48.905263
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046624/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
