I reproduced this once in a VM: [Mon Jan 26 17:54:31 2026] audit: type=1400 audit(1769450071.099:128): apparmor="DENIED" operation="sendmsg" class="file" info="Failed name lookup - disconnected path" error=-13 profile="rsyslogd" name="var/lib/haproxy/dev/log" pid=3679 comm="haproxy" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
But then not anymore. When haproxy is first installed, it does trigger an rsyslog apparmor profile reload, as it should, because it installs an rsyslog config snippet: [Mon Jan 26 18:04:39 2026] audit: type=1400 audit(1769450678.879:126): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="rsyslogd" pid=3752 comm="apparmor_parser" Setting up haproxy (2.8.16-0ubuntu0.24.04.1) ... Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service → /usr/lib/systemd/system/haproxy.service. Processing triggers for rsyslog (8.2312.0-3ubuntu9.1) ... <------ So that's working as expected. Then I go ahead and modify haproxy.cfg with a front and backend, for testing. And restart haproxy and test a connection: $ echo -ne "HEAD / HTTP/1.0\n\n" | nc localhost 8080 HTTP/1.1 200 OK date: Mon, 26 Jan 2026 18:07:32 GMT server: Apache/2.4.58 (Ubuntu) last-modified: Mon, 26 Jan 2026 18:04:22 GMT etag: "29af-6494e562dd0fa" accept-ranges: bytes content-length: 10671 vary: Accept-Encoding keep-alive: timeout=5, max=100 content-type: text/html connection: close And it worked, no apparmor message :/ There is something going on, because I did see the DENIED message once, but not again. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2138647 Title: haproxy stops logging after reload with permission denied error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/2138647/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
