Public bug reported:
I upgraded to isc-dhcp-server 4.1.1 and found the server wouldn't start.
Tracked it down to missing read permissions in the shipped apparmor
profile. After strace-ing, added the following quick change and
restarted apparmor to allow access to /proc/{pid}/net/dev so dhcpd can
read the network devices list. This may be specifically related to
running on maverick and perhaps belongs in a backport.
$ diff -u /etc/apparmor.d/usr.bin.dhcpd.orig /etc/apparmor.d/usr.sbin.dhcpd
--- /etc/apparmor.d/usr.bin.dhcpd.orig 2010-11-22 14:50:43.046164752 -0700
+++ /etc/apparmor.d/usr.sbin.dhcpd 2010-11-22 15:47:03.678955705 -0700
@@ -51,4 +51,5 @@
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.dhcpd>
+ /proc/** r,
}
ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: isc-dhcp-server 4.1.1-P1-11ubuntu1
ProcVersionSignature: Ubuntu 2.6.35-22.34~lucid1-generic 2.6.35.4
Uname: Linux 2.6.35-22-generic x86_64
NonfreeKernelModules: openafs nvidia wl
Architecture: amd64
Date: Tue Nov 23 00:43:17 2010
ProcEnviron:
PATH=(custom, user)
SHELL=/bin/bash
SourcePackage: isc-dhcp
** Affects: isc-dhcp (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug maverick
--
Missing read access in apparmor profile for /proc/net/dev
https://bugs.launchpad.net/bugs/680387
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
