After I add /run/systemd/journal/dev-log r,
and reload the profile with apparmor_parser -r -W -T /etc/apparmor.d/usr.sbin.rsyslogd

Looks like I need to reboot the container. Restarting rsyslog or systemd-journal doesn't cut it.

-- 
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2123821

Title:
  bad restriction: apparmor="DENIED" [...] namespace="root//lxd-n_<var-snap-lxd-common-lxd>" profile="rsyslogd" name="/run/systemd/journal/dev-log"

Status in apparmor package in Ubuntu:
  New
Status in rsyslog package in Ubuntu:
  Confirmed

Bug description:
  On my Questing system running LXD containers, my kernel log is full of messages like:

  [ 129.551382] audit: type=1400 audit(1757925628.229:1005): apparmor="DENIED" operation="sendmsg" class="file" namespace="root//lxd-q_<var-snap-lxd-common-lxd>" profile="rsyslogd" name="/run/systemd/journal/dev-log" pid=5370 comm="systemd-journal" requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000

  One of my containers is named "q", hence the "root//lxd-q...".

  Some actual functionality is likely broken in the container.
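Added example, not part of the bug report or of the apparmor or rsyslog packages: a small triage script that parses AppArmor DENIED audit records like the one quoted in the bug description, groups them by container, profile, path and denied mask, and prints a candidate rule in the same form as the one the comment adds. The function names are hypothetical, and the `root//lxd-<container>_<...>` namespace pattern is an assumption drawn from the report's remark about the container named "q".

```python
import re
from collections import Counter

# The denial quoted in the bug description (kernel timestamp omitted).
SAMPLE = (
    'audit: type=1400 audit(1757925628.229:1005): apparmor="DENIED" '
    'operation="sendmsg" class="file" '
    'namespace="root//lxd-q_<var-snap-lxd-common-lxd>" profile="rsyslogd" '
    'name="/run/systemd/journal/dev-log" pid=5370 comm="systemd-journal" '
    'requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000'
)

# Matches key="quoted value" or key=bare_value.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# Assumption: LXD policy namespaces look like root//lxd-<container>_<...>
LXD_NS = re.compile(r'//lxd-(.+?)_<')
REQUIRED = {"profile", "name", "denied_mask"}


def parse_denial(line):
    """Return the fields of an AppArmor DENIED record, or None for other lines."""
    fields = {k: quoted or bare for k, quoted, bare in FIELD.findall(line)}
    return fields if fields.get("apparmor") == "DENIED" else None


def container_of(namespace):
    """Extract the container name from an LXD namespace, or None if absent."""
    m = LXD_NS.search(namespace or "")
    return m.group(1) if m else None


def summarize(lines):
    """Group path denials and build the file rule that would cover each one."""
    counts = Counter()
    for line in lines:
        d = parse_denial(line)
        if d and REQUIRED <= d.keys():
            key = (container_of(d.get("namespace")), d["profile"],
                   d["name"], d["denied_mask"])
            counts[key] += 1
    return [
        {"container": c, "profile": p, "count": n, "rule": f"{path} {mask},"}
        for (c, p, path, mask), n in counts.most_common()
    ]


if __name__ == "__main__":
    for row in summarize([SAMPLE, SAMPLE, "kernel: unrelated line"]):
        print(row)
```

Feeding it the output of `journalctl -k` or `dmesg` line by line shows which containers and profiles account for the denials before any profile is edited.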

