Public bug reported:
Binary package hint: apparmor
The Nameservice abstraction configuration file
(/etc/apparmor.d/abstractions/nameservice) permits reads access to
(amongst other paths) /etc/resolv.conf.
However, on systems using resolvconf, this is a symbolic link to
/etc/resolvconf/run/resolv.conf -- where /etc/resolvconf/run itself is a
symlink to /var/run/resolvconf.
Apparmor does not follow symlinks; as a result, apparmor'd applications
which include the nameservice abstraction in their policy definition are
unable to read /var/run/resolvconf/resolv.conf.
This is a bug, and (for example) breaks CUPS.
Adding /var/run/resolvconf/resolv.conf to
/etc/apparmor.d/abstractions/nameservice corrects this problem. This
should probably become the default.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
Nameservice abstraction should also include /var/run/resolvconf/resolv.conf
https://bugs.launchpad.net/bugs/132468
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
