Public bug reported:
Description of the problem
Every night AppArmor denial logs related to trying to write to
/lib/python3/dist-packages/uaclient/__pycache__/ are reported in the kernel
logs.
Steps to reproduce:
1. Install latest server version of Ubuntu 24.04?
Expected result:
Kernel logs to only have unusual messages.
Actual result:
Each night output like the following appears in the kernel logs:
[592502.661712] kauditd_printk_skb: 89 callbacks suppressed
[592502.661714] audit: type=1400 audit(1744604059.356:1017): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_apt_news"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/__init__.cpython-312.pyc.126322914539312"
pid=91895 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.667012] audit: type=1400 audit(1744604059.361:1018): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_apt_news"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/apt.cpython-312.pyc.126322914712960"
pid=91895 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.676280] audit: type=1400 audit(1744604059.370:1019): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/__init__.cpython-312.pyc.135222400273840"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.677457] audit: type=1400 audit(1744604059.372:1020): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/log.cpython-312.pyc.135222401808656"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.684794] audit: type=1400 audit(1744604059.379:1021): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/defaults.cpython-312.pyc.135222399178672"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.685174] audit: type=1400 audit(1744604059.379:1022): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/secret_manager.cpython-312.pyc.135222399178672"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.689781] audit: type=1400 audit(1744604059.384:1023): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/system.cpython-312.pyc.135222399180720"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.699986] audit: type=1400 audit(1744604059.394:1024): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/exceptions.cpython-312.pyc.135222399544752"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.706501] audit: type=1400 audit(1744604059.401:1025): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_esm_cache"
name="/usr/lib/python3/dist-packages/uaclient/messages/__pycache__/__init__.cpython-312.pyc.135222398418480"
pid=91896 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
[592502.706551] audit: type=1400 audit(1744604059.401:1026): apparmor="DENIED"
operation="mknod" class="file" profile="ubuntu_pro_apt_news"
name="/usr/lib/python3/dist-packages/uaclient/__pycache__/event_logger.cpython-312.pyc.126322909730864"
pid=91895 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
How reproducible is the problem?
The problem happens every day.
Version information
Ubuntu 24.04.2 LTS
ubuntu-pro-client 34~24.04 amd64
Additional information
Running
sudo systemctl restart apt-news.service
makes the messages appear in the logs straightaway.
** Affects: ubuntu-advantage-tools (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: github.com/canonical/ubuntu-pro-client/issues #3193
https://github.com/canonical/ubuntu-pro-client/issues/3193
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107332
Title:
AppArmor denied audit messages related to __pycache__ in dmesg
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2107332/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
