AF_UNSPEC is used in calls to getaddrinfo(3) to request either IPv4 or IPv6 addresses. In the parser, we've been filtering out AF_UNSPEC as an option. It's a simple enough patch to enable it:
Index: b/common/Make.rules =================================================================== --- a/common/Make.rules +++ b/common/Make.rules 
@@ -98,7 +98,7 @@ list_capabilities: /usr/include/linux/ca # to mediate. We use PF_ here since that is what is required in # bits/socket.h, but we will rewrite these as AF_. -FILTER_FAMILIES=PF_UNSPEC PF_UNIX +FILTER_FAMILIES=PF_UNIX __FILTER=$(shell echo $(strip $(FILTER_FAMILIES)) | sed -e 's/ /\\\|/g')

However, there's some concern that because the value of AF_UNSPEC is 0, there might be some special handling of that case, or other unexpected issues.

That said, I'm able to reproduce the issue, and adding a rule 'network unspec dgram,' eliminated the rejections that ntpd was creating (whereas adding a rule 'network unspec raw,' as expected, did not).

--
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1546455

Title: Many instances of 'apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0' in syslog

Status in apparmor package in Ubuntu: Confirmed
Status in ntp package in Ubuntu: Fix Committed

Bug description:
I just dist-upgraded to this version of ntp which arrived in xenial very recently.
Since then I'm being constantly spammed with libnotify notifications about the following

Feb 17 09:59:55 raleigh.local kernel: audit: type=1400 audit(1455703195.606:429): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:55 raleigh.local kernel: audit: type=1400 audit(1455703195.606:430): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:55 raleigh.local kernel: audit: type=1400 audit(1455703195.606:431): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:55 raleigh.local kernel: audit: type=1400 audit(1455703195.606:432): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:55 raleigh.local kernel: audit: type=1400 audit(1455703195.606:433): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
[…]
Feb 17 09:59:59 raleigh.local kernel: audit: type=1400 audit(1455703199.526:434): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:59 raleigh.local kernel: audit: type=1400 audit(1455703199.526:435): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:59 raleigh.local kernel: audit: type=1400 audit(1455703199.526:436): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:59 raleigh.local kernel: audit: type=1400 audit(1455703199.526:437): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:59 raleigh.local kernel: audit: type=1400 audit(1455703199.526:438): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0

argh!

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: ntp 1:4.2.8p4+dfsg-3ubuntu1
ProcVersionSignature: Ubuntu 4.4.0-2.16-generic 4.4.0
Uname: Linux 4.4.0-2-generic x86_64
NonfreeKernelModules: nvidia_uvm nvidia
ApportVersion: 2.20-0ubuntu3
Architecture: amd64
CurrentDesktop: Unity
Date: Wed Feb 17 09:57:02 2016
InstallationDate: Installed on 2012-10-07 (1227 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Beta amd64 (20121007)
SourcePackage: ntp
UpgradeStatus: Upgraded to xenial on 2013-05-07 (1016 days ago)
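
Review bot: The comment above FILTER_FAMILIES in the common/Make.rules hunk is left as it was, so after PF_UNSPEC is dropped from the list nothing in the file records why PF_UNIX is still filtered while unspec is now accepted as a family. Suggest extending that comment with the reason (socket creation with family unspec, as in the ntpd denials), and adding a parser test for 'network unspec dgram,' given that AF_UNSPEC is 0 and the message itself flags possible special handling of that value.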
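
The audit records in the bug description carry everything needed to name the rule the comment tested. The following is an added example, not part of the original message or of AppArmor's own tooling: it groups socket-create denials by profile, family and socket type and renders them as candidate 'network' rules for review. The function names are hypothetical, and the rendered rule only loads once the parser accepts unspec as a family.

```python
import re
from collections import Counter

# key=value pairs of an audit record; values may be quoted.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Two records copied from the bug description, plus one constructed
# non-AppArmor line to show that unrelated kernel messages are skipped.
SAMPLE_LOG = """\
Feb 17 09:59:55 raleigh.local kernel: audit: type=1400 audit(1455703195.606:429): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 09:59:59 raleigh.local kernel: audit: type=1400 audit(1455703199.526:434): apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0
Feb 17 10:00:01 raleigh.local kernel: usb 1-1: new high-speed USB device
"""

def parse_record(line):
    """Return the key/value fields of one log line as a dict."""
    return {k: q if q else u for k, q, u in PAIR.findall(line)}

def socket_create_denials(log_text):
    """Count DENIED socket creations per (profile, family, sock_type)."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec.get("apparmor") != "DENIED" or rec.get("operation") != "create":
            continue
        if not all(k in rec for k in ("profile", "family", "sock_type")):
            continue  # record lacks the socket fields, so it is not a socket denial
        counts[(rec["profile"], rec["family"], rec["sock_type"])] += 1
    return counts

def candidate_rules(counts, profile):
    """Render one profile's denials as 'network' rules for a human to review."""
    return sorted(f"network {family} {sock_type},"
                  for (prof, family, sock_type) in counts if prof == profile)

if __name__ == "__main__":
    counts = socket_create_denials(SAMPLE_LOG)
    for (prof, family, sock_type), n in counts.items():
        print(f"{n:4d}  {prof}  family={family} sock_type={sock_type}")
    print(candidate_rules(counts, "/usr/sbin/ntpd"))
```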