[Touch-packages] [Bug 2127851] Re: wireguard's wg-quick produces errors when bringing up/down vpn

Fri, 17 Oct 2025 15:38:54 -0700 

** Tags added: sec-7709

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2127851

Title:
  wireguard's wg-quick produces errors when bringing up/down vpn

Status in apparmor package in Ubuntu:
  Confirmed
Status in apparmor source package in Questing:
  Confirmed
Status in apparmor source package in Resolute:
  Confirmed

Bug description:
  running

  
  sudo wg-quick up wg0

  
  produces

  stat: cannot read table of mounted file systems: Permission denied
  stat: cannot read table of mounted file systems: Permission denied
  /usr/bin/wg-quick: line 47: ((: ( &  & 0007) == 0: syntax error: operand 
expected (error token is "&  & 0007) == 0")
  Warning: `/etc/wireguard/wg0.conf' is world accessible

  
  The VPN starts but these errors/warnings are new for 25.10.

  Syslog says:

  2025-10-14T13:24:58.247604+01:00 polaris kernel: audit: type=1400 
audit(1760444698.245:7785): apparmor="DENIED" operation="open" class="file" 
profile="wg-quick" name="/proc/66193/mountinfo" pid=66193 comm="stat" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  2025-10-14T13:24:58.247633+01:00 polaris kernel: audit: type=1400 
audit(1760444698.245:7786): apparmor="DENIED" operation="open" class="file" 
profile="wg-quick" name="/proc/66193/mounts" pid=66193 comm="stat" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  2025-10-14T13:24:58.254586+01:00 polaris kernel: audit: type=1400 
audit(1760444698.252:7787): apparmor="DENIED" operation="open" class="file" 
profile="wg-quick" name="/proc/66194/mountinfo" pid=66194 comm="stat" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  2025-10-14T13:24:58.254598+01:00 polaris kernel: audit: type=1400 
audit(1760444698.252:7788): apparmor="DENIED" operation="open" class="file" 
profile="wg-quick" name="/proc/66194/mounts" pid=66194 comm="stat" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  2025-10-14T13:24:58.285489+01:00 polaris NetworkManager[1133]: <info>  
[1760444698.2851] manager: (wg0): new WireGuard device 
(/org/freedesktop/NetworkManager/Devices/29)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2127851/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to