Xenial as is on ntp restart: [2618636.253807] audit: type=1400 audit(1519220834.240:5311): apparmor="DENIED" operation="file_inherit" namespace="root//lxd-x_<var-snap-lxd-common-lxd>" profile="/usr/sbin/ntpd" name="/run/systemd/journal/stdout" pid=24452 comm="ntpd" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=1000000 [2618636.253817] audit: type=1400 audit(1519220834.240:5312): apparmor="DENIED" operation="file_inherit" namespace="root//lxd-x_<var-snap-lxd-common-lxd>" profile="/usr/sbin/ntpd" name="/run/systemd/journal/stdout" pid=24452 comm="ntpd" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=1000000
With updates from proposed # sudo apt install apparmor Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: libfreetype6 Use 'sudo apt autoremove' to remove it. Suggested packages: apparmor-profiles apparmor-profiles-extra apparmor-docs apparmor-utils The following packages will be upgraded: apparmor 1 upgraded, 0 newly installed, 0 to remove and 29 not upgraded. Need to get 450 kB of archives. After this operation, 1024 B of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 apparmor amd64 2.10.95-0ubuntu2.9 [450 kB] Fetched 450 kB in 0s (2291 kB/s) Preconfiguring packages ... (Reading database ... 25611 files and directories currently installed.) Preparing to unpack .../apparmor_2.10.95-0ubuntu2.9_amd64.deb ... Unpacking apparmor (2.10.95-0ubuntu2.9) over (2.10.95-0ubuntu2.8) ... Processing triggers for systemd (229-4ubuntu21.1) ... Processing triggers for ureadahead (0.100.0-19) ... Processing triggers for man-db (2.7.5-1) ... Setting up apparmor (2.10.95-0ubuntu2.9) ... Installing new version of config file /etc/apparmor.d/abstractions/base ... update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd # No issues anymore when restarting the service. Also found no other apparmor related issues restarting a few services that I had on there. ** Tags removed: verification-needed verification-needed-xenial ** Tags added: verification-done verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1670408 Title: apparmor base abstraction needs backport of rev 3658 to fix several denies (tor, ntp, ...) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1670408/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
