Hello all, I have an annoying bug or something not configured properly with the nscd library, that is visible with AppArmor.
This is happening at least with Apache and Dovecot. With Dovecot: > Feb 15 06:51:19 portal kernel: [2105960.896749] audit: type=1400 > audit(1550213479.204:6722): apparmor="DENIED" operation="file_mmap" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/lib/dovecot/auth" name="var/cache/nscd/hosts" pid=6180 > comm="auth" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 > Feb 15 07:04:30 portal kernel: [2106752.493506] audit: type=1400 > audit(1550214270.805:6723): apparmor="DENIED" operation="file_mmap" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/lib/dovecot/auth" name="var/cache/nscd/hosts" pid=6653 > comm="auth" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 > Feb 15 07:47:27 portal kernel: [2109329.163406] audit: type=1400 > audit(1550216847.487:6724): apparmor="DENIED" operation="file_mmap" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/lib/dovecot/auth" name="var/cache/nscd/hosts" pid=8221 > comm="auth" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 > With Apache: > Feb 15 06:25:22 portal kernel: [2104404.314334] audit: type=1400 > audit(1550211922.612:6713): apparmor="DENIED" operation="file_mmap" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/sbin/apache2" name="var/cache/nscd/hosts" pid=5144 > comm="apache2" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 > Feb 15 06:25:22 portal kernel: [2104404.678807] audit: type=1400 > audit(1550211922.976:6714): apparmor="DENIED" operation="file_mmap" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/sbin/apache2" name="var/cache/nscd/passwd" pid=5144 > comm="apache2" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 > Feb 15 06:25:22 portal kernel: [2104404.679772] audit: type=1400 > audit(1550211922.980:6715): apparmor="DENIED" operation="file_mmap" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/sbin/apache2" name="var/cache/nscd/group" pid=5144 > comm="apache2" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 > Basically, the query to open nscd cache files is missing the heading '/' character. Does anyone has an idea where this is coming from? Thanks, André -- André Rodier HomeBox: https://github.com/progmaticltd/homebox
