[Touch-packages] [Bug 1724450] Re: apparmor is broken for kernel 4.14

Wed, 18 Oct 2017 05:51:37 -0700 

*** This bug is a duplicate of bug 1721278 ***
    https://bugs.launchpad.net/bugs/1721278

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: apparmor (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1724450

Title:
  apparmor is broken for kernel 4.14

Status in apparmor package in Ubuntu:
  Confirmed

Bug description:
  Several critical systems are broken with the default Ubuntu 17.10
  apparmor profile when booting in kernel 4.14, eg DHCP/networking and
  mysql-server.

  I got it working by applying the attached patch from the /etc
  directory. The patch is mostly based on the patch provided in comment
  #34 in the upstream bug at https://bugs.debian.org/cgi-
  bin/bugreport.cgi?bug=877581. I had to remove the sections for the
  files that Ubuntu doesn't have (such as tor, tor.browser, haveged and
  libvirt) and to get DHCP to work, I also had to add 'w' permission to
  /usr/lib/NetworkManager/nm-dhcp-helper to avoid this syslog message:

  apparmor="DENIED" operation="create" profile="/usr/lib/NetworkManager
  /nm-dhcp-helper" pid=3876 comm="nm-dhcp-helper" family="unix"
  sock_type="stream" protocol=0 requested_mask="create"
  denied_mask="create"

  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: apparmor 2.11.0-2ubuntu17
  ProcVersionSignature: Error: [Errno 2] No such file or directory: 
'/proc/version_signature'
  Uname: Linux 4.14.0-rc5-generic x86_64
  ApportVersion: 2.20.7-0ubuntu3
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Oct 18 12:59:38 2017
  InstallationDate: Installed on 2017-08-16 (62 days ago)
  InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412)
  JournalErrors:
   Error: command ['journalctl', '-b', '--priority=warning', '--lines=1000'] 
failed with exit code 1: Hint: You are currently not seeing messages from other 
users and the system.
         Users in the 'systemd-journal' group can see all messages. Pass -q to
         turn off this notice.
   No journal files were opened due to insufficient permissions.
  ProcKernelCmdline: BOOT_IMAGE=/@/boot/vmlinuz-4.14.0-rc5-generic 
root=UUID=0eb64261-6dff-464a-8373-596794c1fafe ro rootflags=subvol=@ quiet 
splash acpi_rev_override=5 scsi_mod.use_blk_mq=1 vt.handoff=7
  SourcePackage: apparmor
  UpgradeStatus: Upgraded to artful on 2017-08-17 (62 days ago)
  modified.conffile..etc.apparmor.d.abstractions.nameservice: [modified]
  mtime.conffile..etc.apparmor.d.abstractions.nameservice: 
2017-10-18T12:17:08.648386

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1724450/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to