Public bug reported:
affects ubuntu/tcpdump
importance low
While debugging the configuration of my Ubuntu router, I noticed the
following in dmesg:
[ 2410.773511] type=1503 audit(1286949714.517:12): operation="open" pid=1228
parent=1111 profile="/usr/sbin/tcpdump" requested_mask="r::" denied_mask="r::"
fsuid=0 ouid=0 name="/etc/ethers"
[92714.036092] type=1503 audit(1287040017.780:13): operation="open" pid=19770
parent=19592 profile="/usr/sbin/tcpdump" requested_mask="r::" denied_mask="r::"
fsuid=0 ouid=0 name="/etc/ethers"
I don't know why tcpdump *wants* to access ethers(5); probably to
supplement the in-kernel neighbours (ARP) table.
Note that out-of-the-box there is no /etc/ethers, which is probably
why nobody noticed this before. I use ethers(5) to tell dnsmasq which
MACs get "fixed" IPs via DHCP allocation.
** Affects: tcpdump (Ubuntu)
Importance: Low
Status: New
--
tcpdump 4.0.0-6ubuntu3 denied read access to ethers(5) by apparmor profile
https://bugs.launchpad.net/bugs/660904
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
