Sorry to be the bearer of bad news: unfortunately this still appears
broken on certain platforms. Specifically, testing a fresh plucky image
on the Raspberry Pi, the wifi interface was recognized but not
configured:
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state
DOWN group default qlen 1000
link/ether d8:3a:dd:8e:6e:c8 brd ff:ff:ff:ff:ff:ff
altname wlxd83add8e6ec8
The apparmor profile in question was from the current released version
of the package:
$ apt policy apparmor
apparmor:
Installed: 4.1.0~beta5-0ubuntu4
Candidate: 4.1.0~beta5-0ubuntu4
Version table:
*** 4.1.0~beta5-0ubuntu4 500
500 http://ports.ubuntu.com/ubuntu-ports plucky/main arm64 Packages
100 /var/lib/dpkg/status
The wifi configuration in netplan was valid, but when running "sudo
netplan apply", the following was observed in the journal:
Feb 21 10:44:24 ubuntu systemd[1]: Reload requested from client PID 2811
('systemctl') (unit user@1000.service)...
Feb 21 10:44:24 ubuntu systemd[1]: Reloading...
Feb 21 10:44:29 ubuntu systemd[1]: Reloading finished in 4663 ms.
Feb 21 10:44:31 ubuntu systemd-networkd[772]: wlan0: Reconfiguring with
/run/systemd/network/10-netplan-wlan0.network.
Feb 21 10:44:31 ubuntu systemd-networkd[772]: wlan0: Reconfiguring with
/run/systemd/network/10-netplan-wlan0.network.
Feb 21 10:44:31 ubuntu systemd[1]: netplan-ovs-cleanup.service - OpenVSwitch
configuration for cleanup was skipped because of an unmet condition check
(ConditionFileIsExecutable=/usr/bin/ovs-vsctl).
Feb 21 10:44:31 ubuntu systemd[1]: Started netplan-wpa-wlan0.service - WPA
supplicant for netplan wlan0.
Feb 21 10:44:31 ubuntu wpa_supplicant[2980]: Successfully initialized
wpa_supplicant
Feb 21 10:44:31 ubuntu wpa_supplicant[2980]: Failed to open config file
'/run/netplan/wpa-wlan0.conf', error: Permission denied
Feb 21 10:44:31 ubuntu wpa_supplicant[2980]: Failed to read or parse
configuration '/run/netplan/wpa-wlan0.conf'.
Feb 21 10:44:31 ubuntu kernel: audit: type=1400 audit(1740134671.722:183):
apparmor="DENIED" operation="open" class="file" profile="wpa_supplicant"
name="/run/netplan/wpa-wlan0.conf" pid=2980 comm="wpa_supplicant"
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Feb 21 10:44:31 ubuntu wpa_supplicant[2980]: : CTRL-EVENT-DSCP-POLICY clear_all
Feb 21 10:44:31 ubuntu systemd[1]: netplan-wpa-wlan0.service: Main process
exited, code=exited, status=255/EXCEPTION
Feb 21 10:44:31 ubuntu systemd[1]: netplan-wpa-wlan0.service: Failed with
result 'exit-code'.
Running "sudo apparmor_parser --remove /etc/apparmor.d/wpa_supplicant"
then re-running "sudo netplan apply" caused the wifi interface to
associate correctly. It would appear that the apparmor profile must also
grant the ability to read "/run/netplan/*.conf" (the wildcard because
the filename is largely unpredictable) in order to support wifi via
netplan on certain common boards.
** Changed in: apparmor (Ubuntu)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2098838
Title:
apparmor appears to deny wpasupplicant on plucky, breaking wifi
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2098838/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
