touch-packages team mailing list archive

Thread
Date

[Bug 1366261] Re: Apparmor prevents reading /run/utmp

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1366261@xxxxxxxxxxxxxxxxxx>
Date: Tue, 09 Sep 2014 19:10:33 -0000
Reply-to: Bug 1366261 <1366261@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package rsyslog - 7.4.4-1ubuntu10

---------------
rsyslog (7.4.4-1ubuntu10) utopic; urgency=medium

  * debian/usr.sbin.rsyslog: allow 'rk' to /run/utmp (LP: #1366261)
 -- Jamie Strandboge <jamie@xxxxxxxxxx>   Tue, 09 Sep 2014 10:26:20 -0500

** Changed in: rsyslog (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1366261

Title:
  Apparmor prevents reading /run/utmp

Status in “rsyslog” package in Ubuntu:
  Fix Released

Bug description:
  The AA profile of rsyslog prevents it from reading /run/utmp when
  "ulimit -l" is reached by another process.

  Steps to reproduce:

  1) Enable AA profile of rsyslog
  rm /etc/apparmor.d/disable/usr.sbin.rsyslogd
  apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.rsyslogd
  2) Setup openvpn using large certs and using --mlock
  3) Start OpenVPN and notice errors like those:

  Sep  6 00:19:22 jupiter kernel: [ 4048.714972] type=1400 audit(1409977162.226:41): apparmor="DENIED" operation="open" profile="/usr/sbin/rsyslogd" name="/run/utmp" pid=4181 comm=72733A6D61696E20513A526567 requested_mask="r" denied_mask="r" fsuid=101 ouid=0
  Sep  6 00:24:03 jupiter kernel: [ 4330.456007] type=1400 audit(1409977443.978:46): apparmor="DENIED" operation="file_lock" profile="/usr/sbin/rsyslogd" name="/run/utmp" pid=6844 comm=72733A6D61696E20513A526567 requested_mask="k" denied_mask="k" fsuid=101 ouid=0

  A workaround is to add "/run/utmp rk," to rsyslog's profile.

  
  # lsb_release -rd
  Description:	Ubuntu 14.04.1 LTS
  Release:	14.04
  # apt-cache policy rsyslog
  rsyslog:
    Installed: 7.4.4-1ubuntu2.1
    Candidate: 7.4.4-1ubuntu2.1
    Version table:
   *** 7.4.4-1ubuntu2.1 0
          500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       7.4.4-1ubuntu2 0
          500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: rsyslog 7.4.4-1ubuntu2.1
  ProcVersionSignature: Ubuntu 3.13.0-36.63-generic 3.13.11.6
  Uname: Linux 3.13.0-36-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.4
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Sat Sep  6 00:24:53 2014
  InstallationDate: Installed on 2014-01-26 (222 days ago)
  InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124)
  SourcePackage: rsyslog
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.logcheck.ignore.d.server.rsyslog: [deleted]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1366261/+subscriptions

References

[Bug 1366261] [NEW] Apparmor prevents reading /run/utmp
From: Simon Déziel, 2014-09-06