** Description changed: The volatildap DEP8 tests have been failing "forever" because of the slapd apparmor profile, which (correctly) prevents slapd from reading/writing to the directory that the test suite sets up: apparmor="DENIED" operation="open" namespace="root//lxd-autopkgtest-lxd- kwrndt_<var-snap-lxd-common-lxd>" profile="/usr/sbin/slapd" name="/tmp/tmp15zext9c/slapd.conf" pid=27408 comm="slapd" requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000 We could disable apparmor before the run, or add a local set of rules prior to the test pointing at that temporary directory. Something like this in /etc/apparmor.d/local/usr.sbin.slapd: - /tmp/<tmpdir>/** rwk, + /tmp/<tmpdir>/** rwk, and then restart apparmor, or reload the profile. + + If adding a local apparmor override, we should probably do that guarded + by check if apparmor is enabled, so this change is upstreamable. And + also add a dep8 restriction breaks-testbed.
** Description changed: The volatildap DEP8 tests have been failing "forever" because of the slapd apparmor profile, which (correctly) prevents slapd from reading/writing to the directory that the test suite sets up: apparmor="DENIED" operation="open" namespace="root//lxd-autopkgtest-lxd- kwrndt_<var-snap-lxd-common-lxd>" profile="/usr/sbin/slapd" name="/tmp/tmp15zext9c/slapd.conf" pid=27408 comm="slapd" requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000 We could disable apparmor before the run, or add a local set of rules prior to the test pointing at that temporary directory. Something like this in /etc/apparmor.d/local/usr.sbin.slapd: /tmp/<tmpdir>/** rwk, and then restart apparmor, or reload the profile. If adding a local apparmor override, we should probably do that guarded - by check if apparmor is enabled, so this change is upstreamable. And + by a check if apparmor is enabled, so this change is upstreamable. And also add a dep8 restriction breaks-testbed. ** Description changed: The volatildap DEP8 tests have been failing "forever" because of the slapd apparmor profile, which (correctly) prevents slapd from reading/writing to the directory that the test suite sets up: apparmor="DENIED" operation="open" namespace="root//lxd-autopkgtest-lxd- kwrndt_<var-snap-lxd-common-lxd>" profile="/usr/sbin/slapd" name="/tmp/tmp15zext9c/slapd.conf" pid=27408 comm="slapd" requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000 We could disable apparmor before the run, or add a local set of rules prior to the test pointing at that temporary directory. Something like this in /etc/apparmor.d/local/usr.sbin.slapd: /tmp/<tmpdir>/** rwk, and then restart apparmor, or reload the profile. If adding a local apparmor override, we should probably do that guarded by a check if apparmor is enabled, so this change is upstreamable. And - also add a dep8 restriction breaks-testbed. + also add dep8 restrictions breaks-testbed and needs-root. ** Description changed: The volatildap DEP8 tests have been failing "forever" because of the slapd apparmor profile, which (correctly) prevents slapd from reading/writing to the directory that the test suite sets up: apparmor="DENIED" operation="open" namespace="root//lxd-autopkgtest-lxd- kwrndt_<var-snap-lxd-common-lxd>" profile="/usr/sbin/slapd" name="/tmp/tmp15zext9c/slapd.conf" pid=27408 comm="slapd" requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000 We could disable apparmor before the run, or add a local set of rules prior to the test pointing at that temporary directory. Something like this in /etc/apparmor.d/local/usr.sbin.slapd: /tmp/<tmpdir>/** rwk, - and then restart apparmor, or reload the profile. - - If adding a local apparmor override, we should probably do that guarded - by a check if apparmor is enabled, so this change is upstreamable. And - also add dep8 restrictions breaks-testbed and needs-root. + and then restart apparmor, or reload the profile (via sudo + apparmor_parser -r /etc/apparmor.d/profile.name) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1858800 Title: DEP8 fails due to apparmor restriction To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/volatildap/+bug/1858800/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
