← Back to team overview

debcrafters-packages team mailing list archive

  1. debcrafters-packages team
  2. Mailing list archive
  3. Message #01286

[Bug 2083017] Re: network-manager changed path to nm-dhcp-helper, apparmor need update

  Thread PreviousDate PreviousThread Next 
[Expired for apparmor (Ubuntu) because there has been no activity for 60
days.]

** Changed in: apparmor (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/2083017

Title:
  network-manager changed path to nm-dhcp-helper, apparmor need update

Status in apparmor package in Ubuntu:
  Expired
Status in isc-dhcp package in Ubuntu:
  Invalid

Bug description:
  From the Debian Bug report logs - #1055067
  isc-dhcp-client: network-manager 1.44.2-3 changed path to nm-dhcp-helper, apparmor need update

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055067

  The problem causes the DHCP fail to receive the IP with this error in
  the dmesg command:

  [ 1037.911083] audit: type=1400 audit(1727430402.572:1355):
  apparmor="DENIED" operation="exec" class="file"
  profile="/{,usr/}sbin/dhclient" name="/usr/libexec/nm-dhcp-helper"
  pid=6763 comm="dhclient" requested_mask="x" denied_mask="x" fsuid=0
  ouid=0

  The /etc/apparmor.d/sbin.dhclient file needs to be updated to include
  the /usr/libexec/nm-dhcp-helper (instead of
  /usr/lib/NetworkManager/nm-dhcp-helper). Just in case, to solve it, I
  duplicated the definitions for the NetworkManager/nm-dhcp-helper.

  FILE: /etc/apparmor.d/sbin.dhclient

  ....
    # Support the new executable helper from NetworkManager.
    /usr/lib/NetworkManager/nm-dhcp-helper          Pxrm,
    signal (receive) peer=/usr/lib/NetworkManager/nm-dhcp-helper,
    /usr/libexec/nm-dhcp-helper          Pxrm,
    signal (receive) peer=/usr/libexec/nm-dhcp-helper,
  ....
  /usr/lib/NetworkManager/nm-dhcp-helper {
    #include <abstractions/base>
    #include <abstractions/dbus>
    /usr/lib/NetworkManager/nm-dhcp-helper mr,

    /run/NetworkManager/private-dhcp rw,
    signal (send) peer=/sbin/dhclient,

    /var/lib/NetworkManager/*lease r,
    signal (receive) peer=/usr/sbin/NetworkManager,
    ptrace (readby) peer=/usr/sbin/NetworkManager,
    network inet dgram,
    network inet6 dgram,
  }

  /usr/libexec/nm-dhcp-helper {
    #include <abstractions/base>
    #include <abstractions/dbus>
    /usr/libexec/nm-dhcp-helper mr,

    /run/NetworkManager/private-dhcp rw,
    signal (send) peer=/sbin/dhclient,

    /var/lib/NetworkManager/*lease r,
    signal (receive) peer=/usr/sbin/NetworkManager,
    ptrace (readby) peer=/usr/sbin/NetworkManager,
    network inet dgram,
    network inet6 dgram,
  }
  ....

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2083017/+subscriptions
  Thread PreviousDate PreviousThread Next