** Also affects: apparmor (Ubuntu Plucky)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Questing)
Importance: Undecided
Status: Fix Released
** Changed in: apparmor (Ubuntu Plucky)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2107596
Title:
Apparmor is missing rule for openvpn to set DNS domain
Status in apparmor package in Ubuntu:
Fix Released
Status in apparmor source package in Plucky:
In Progress
Status in apparmor source package in Questing:
Fix Released
Bug description:
If the remote openvpn server is pushing DNS settings that include a domain,
the "/etc/openvpn/update-resolv-conf" script will fail. The apparmor
settings are missing a rule to allow setting a dns domain.
Error from openvpn:
sd_bus_open_system: Permission denied
Error from apparmor:
audit: type=1107 audit(1744925540.893:328): pid=1907 uid=102 auid=4294967295
ses=4294967295 subj=unconfined msg='apparmor="DENIED"
operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1"
interface="org.freedesktop.resolve1.Manager" member="SetLinkDomains"
mask="send" name="org.freedesktop.resolve1" pid=10292
label="openvpn//update-resolv" peer_pid=888 peer_label="unconfined"
Thanks for looking into this.
# lsb_release -rd
Description: Ubuntu 25.04
Release: 25.04
# apt-cache policy apparmor
apparmor:
Installed: 4.1.0~beta5-0ubuntu14
Candidate: 4.1.0~beta5-0ubuntu14
Version table:
*** 4.1.0~beta5-0ubuntu14 500
500 http://de.archive.ubuntu.com/ubuntu plucky/main amd64 Packages
100 /var/lib/dpkg/status
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2107596/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
