touch-packages team mailing list archive

Thread
Date

[Bug 1540672] [NEW] [xenial] dhcp server does not work with apparmor enabled

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Doug Smythies <1540672@xxxxxxxxxxxxxxxxxx>
Date: Tue, 02 Feb 2016 00:15:23 -0000
Reply-to: Bug 1540672 <1540672@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

I only seem to be able to make my dhcp server work properly by disabling apparmor.
With apparmor enabled it seems to complain that it is unable to open the leases file for append.
With apparmor either disabled completely (via linux command line in grub), or set to complain mode for /usr/sbin/dhcpd, the dhcp server appears to work fine (so far).

Observed with 2.10-0ubuntu11, and 2.10-0ubuntu12 (from the update of
today). I do not know about any previous version, as this is my first
attempt with xenial at setting up a dhcp server.

My system is being built fresh from the daily Ubuntu server AMD64 ISO of
2016.01.30. The hard disk is new, as the old one (12.04 server) failed.

I do not know if it is relevant, but I do notice an edit date of
2016.01.25 in /etc/apparmor.d/usr.sbin.dhcpd

The main problem log line:

kernel: [   22.629981] audit: type=1400 audit(1454368046.405:10):
apparmor="DENIED" operation="capable" profile="/usr/sbin/dhcpd" pid=1198
comm="dhcpd" capability=1  capname="dac_override"

** Affects: apparmor (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: xenial

** Attachment added: "some selected syslog entries"
   https://bugs.launchpad.net/bugs/1540672/+attachment/4561728/+files/syslog_excerpts.txt

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1540672

Title:
  [xenial] dhcp server does not work with apparmor enabled

Status in apparmor package in Ubuntu:
  New

Bug description:
  I only seem to be able to make my dhcp server work properly by disabling apparmor.
  With apparmor enabled it seems to complain that it is unable to open the leases file for append.
  With apparmor either disabled completely (via linux command line in grub), or set to complain mode for /usr/sbin/dhcpd, the dhcp server appears to work fine (so far).

  Observed with 2.10-0ubuntu11, and 2.10-0ubuntu12 (from the update of
  today). I do not know about any previous version, as this is my first
  attempt with xenial at setting up a dhcp server.

  My system is being built fresh from the daily Ubuntu server AMD64 ISO
  of 2016.01.30. The hard disk is new, as the old one (12.04 server)
  failed.

  I do not know if it is relevant, but I do notice an edit date of
  2016.01.25 in /etc/apparmor.d/usr.sbin.dhcpd

  The main problem log line:

  kernel: [   22.629981] audit: type=1400 audit(1454368046.405:10):
  apparmor="DENIED" operation="capable" profile="/usr/sbin/dhcpd"
  pid=1198 comm="dhcpd" capability=1  capname="dac_override"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1540672/+subscriptions