touch-packages team mailing list archive

Thread
Date

[Bug 1100060] Re: apparmor profile denies access to /run/utmp

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Simon Déziel <1100060@xxxxxxxxxxxxxxxxxx>
Date: Sat, 06 Sep 2014 04:33:52 -0000
Reply-to: Bug 1100060 <1100060@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 1366261 ***
    https://bugs.launchpad.net/bugs/1366261

** This bug has been marked a duplicate of bug 1366261
   Apparmor prevents reading /run/utmp

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1100060

Title:
  apparmor profile denies access to /run/utmp

Status in “rsyslog” package in Ubuntu:
  New

Bug description:
  The Apparmor profile of rsyslogd, when enabled, prevents the daemon
  from reading /run/utmp:

  Jan 15 16:59:53 log kernel: [15515.765872] type=1400
  audit(1358287193.318:13): apparmor="DENIED" operation="open" parent=1
  profile="/usr/sbin/rsyslogd" name="/run/utmp" pid=592
  comm=72733A6D61696E20513A526567 requested_mask="r" denied_mask="r"
  fsuid=101 ouid=0

  This is the first time I see this denial since I enabled the profile
  many months ago. The easy fix seems to simply include the "wutmp"
  abstraction to the profile.

  The only thing I can see that could have triggered this, is the
  *heavy* IO load of the underlying hypervisor powering this VM. Other
  VMs on the same hypervisor emitted "BUG: soft lockup - CPU#0 stuck for
  39s! [flush-253:0:734]" at the same second as the rsyslog apparmor
  denial.

  $ lsb_release -rd
  Description:	Ubuntu 12.04.1 LTS
  Release:	12.04

  $ apt-cache policy rsyslog
  rsyslog:
    Installed: 5.8.6-1ubuntu8
    Candidate: 5.8.6-1ubuntu8
    Version table:
   *** 5.8.6-1ubuntu8 0
          500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
          100 /var/lib/dpkg/status

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: rsyslog 5.8.6-1ubuntu8
  ProcVersionSignature: Ubuntu 3.2.0-35.55-virtual 3.2.34
  Uname: Linux 3.2.0-35-virtual x86_64
  NonfreeKernelModules: xt_tcpudp xt_recent xt_owner xt_limit xt_conntrack nf_nat_ftp nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ftp ipt_MASQUERADE ipt_LOG iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_filter ip_tables ip6t_LOG ip6table_filter ip6_tables x_tables
  ApportVersion: 2.0.1-0ubuntu17.1
  Architecture: amd64
  Date: Tue Jan 15 17:08:14 2013
  MarkForUpload: True
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: rsyslog
  UpgradeStatus: No upgrade log present (probably fresh install)
  mtime.conffile..etc.rsyslog.conf: 2012-04-16T23:17:45.198820

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1100060/+subscriptions