** Changed in: unbound (Debian)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To ma
This bug was fixed in the package unbound - 1.6.7-1ubuntu1
---
unbound (1.6.7-1ubuntu1) bionic; urgency=medium
* debian/apparmor: update to allow writing to /run/systemd/notify
(Closes: #867186, LP: #1723900)
-- Jamie Strandboge Thu, 22 Feb 2018 19:35:23 +
** Changed in
Thanks Emily!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To manage notifications about this bug go to:
https://bugs
This bug was fixed in the package unbound - 1.6.5-1ubuntu0.1
---
unbound (1.6.5-1ubuntu0.1) artful-security; urgency=medium
* apparmor: permit unbound to notify readiness to systemd
(Closes: #867186, LP: #1723900)
-- Simon Deziel Mon, 16 Oct 2017 13:11:12 +
** Changed in
The updated package for 17.10/Artful has been uploaded to the security-proposed
ppa.
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa
My testing shows that the bug is resolved. Please try it out.
Thanks for providing the debdiff, Simon!
--
You received this bug notification be
I checked again, to confirm the behavior. After reverting the changes in
/etc/apparmor.d/usr.sbin.unbound:
sudo service apparmor reload
sudo service unbound restart
Job for unbound.service failed because a timeout was exceeded.
See "systemctl status unbound.service" and "journalctl -xe" for de
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To manage not
This bug silently deactivate DNSSEC on systems where Unbound is
installed. The system will fallback to the default resolver and happily
resolve dns queries with invalid signatures.
This should be marked as a security issue.
Problem resolved (no pun intended) with the provided patch, then reloadin
Same issue in Ubuntu 18.04 alpha
And dmesg is spammed full with messages like:
==
[ 458.960479] audit: type=1400 audit(1517146114.040:20): apparmor="DENIED"
operation="sendmsg" profile="/usr/sbin/unbound" name="/run/systemd/notify"
pid=594 comm="unbound" requested_mask="w" denied_mask="w" fsuid
Thanks for tracking this down, same issue on Ubuntu 17.10
Resolved by manually applying the patch above
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fail
I'll hand around on #ubuntu-devel then, thanks Seth!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To manage notificat
Sorry Simon, I don't have any privileges to do so, hopefully someone
doing Ubuntu patch piloting can pick it up.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemct
@Seth, any chance to get that debdiff uploaded? Would be much
appreciated.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issu
** Also affects: unbound (Ubuntu Artful)
Importance: Undecided
Status: Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Appar
Looks good to me, thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To manage notifications about this bug go to:
h
** Changed in: unbound (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To manag
The attachment "unbound-apparmor-sd_notify.debdiff" seems to be a
debdiff. The ubuntu-sponsors team has been subscribed to the bug report
so that they can review and hopefully sponsor the debdiff. If the
attachment isn't a patch, please remove the "patch" flag from the
attachment, remove the "pat
Here is a debdiff for Artful with the same patch that I attached to the
Debian bug.
** Patch added: "unbound-apparmor-sd_notify.debdiff"
https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1723900/+attachment/4972700/+files/unbound-apparmor-sd_notify.debdiff
--
You received this bug notif
** Changed in: unbound (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1723900
Title:
unbound systemctl (re)start fails due to Apparmor profile issue
To manage
** Bug watch added: Debian Bug tracker #867186
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867186
** Also affects: unbound (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867186
Importance: Unknown
Status: Unknown
** Tags added: apparmor
--
You received this
20 matches
Mail list logo
