I was able to reproduce on an Azure 26.04 VM (image: canonical:ubuntu-26_04-lts:server:latest)
- Boot VM - Confirm no existing logs: journalctl --no-pager | grep 'apparmor="DENIED"' | grep 'ubuntu_pro_esm_cache' - Attach to Pro (sudo ua attach <token> --no-auto-enable - sudo apt update - Logs now present: journalctl --no-pager | grep 'apparmor="DENIED"' | grep 'ubuntu_pro_esm_cache' ubuntu@resolute-test-vm:~$ journalctl --no-pager | grep 'apparmor="DENIED"' | grep 'ubuntu_pro_esm_cache' May 22 16:16:51 resolute-test-vm kernel: audit: type=1400 audit(1779466611.724:199): apparmor="DENIED" operation="capable" class="cap" profile="ubuntu_pro_esm_cache_systemd_detect_virt" pid=2391 comm="systemd-detect-" capability=38 capname="perfmon" May 22 16:16:51 resolute-test-vm kernel: audit: type=1400 audit(1779466611.727:200): apparmor="DENIED" operation="open" class="file" profile="ubuntu_pro_esm_cache//cloud_id" name="/usr/share/coreutils/locales/uucore/en-US.ftl" pid=2392 comm="uname" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 May 22 16:16:51 resolute-test-vm kernel: audit: type=1400 audit(1779466611.728:201): apparmor="DENIED" operation="capable" class="cap" profile="ubuntu_pro_esm_cache//cloud_id" pid=2369 comm="cloud-id" capability=38 capname="perfmon" May 22 16:16:51 resolute-test-vm kernel: audit: type=1400 audit(1779466611.746:202): apparmor="DENIED" operation="bind" class="net" profile="ubuntu_pro_esm_cache_systemctl" pid=2393 comm="systemctl" family="unix" sock_type="stream" protocol=0 requested="bind" denied="bind" addr="@b1a09157c84f1be9/bus/systemctl/" The profile="ubuntu_pro_esm_cache//cloud_id" entries are covered by a different bug: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2153472 So the profile="ubuntu_pro_esm_cache_systemctl" and profile="ubuntu_pro_esm_cache_systemd_detect_virt" entries still need to be addressed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2143251 Title: ubuntu_pro_esm_cache_systemd_detect_virt apparmor DENIED audit messages for perfmon capability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2143251/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
