touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #66557
[Bug 1438249] [NEW] /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
Public bug reported:
dhclient is starting before the apparmor profile for it is loaded which
results in the following output from aa-status:
$ sudo aa-status
...
4 profiles are in enforce mode.
/sbin/dhclient
...
1 processes are unconfined but have a profile defined.
/sbin/dhclient (634)
Upstart had the network-interface-security.conf job to make sure this
didn't happen. We wanted the cache loading library to be implemented in
time (bug #1385414), but it still hasn't landed. Having the cache
loading library in place would mean that this bug would also be fixed,
but now we need to fix this bug differently for 15.04 and it must be
fixed by release.
** Affects: systemd (Ubuntu)
Importance: Critical
Status: Triaged
** Tags: apparmor
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1438249
Title:
/sbin/dhclient is unconfined after switch to systemd (aka, equivalent
of upstart's network-interface-security.conf not implemented)
Status in systemd package in Ubuntu:
Triaged
Bug description:
dhclient is starting before the apparmor profile for it is loaded
which results in the following output from aa-status:
$ sudo aa-status
...
4 profiles are in enforce mode.
/sbin/dhclient
...
1 processes are unconfined but have a profile defined.
/sbin/dhclient (634)
Upstart had the network-interface-security.conf job to make sure this
didn't happen. We wanted the cache loading library to be implemented
in time (bug #1385414), but it still hasn't landed. Having the cache
loading library in place would mean that this bug would also be fixed,
but now we need to fix this bug differently for 15.04 and it must be
fixed by release.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1438249/+subscriptions
Follow ups
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Launchpad Bug Tracker, 2015-04-02
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: John Johansen, 2015-03-31
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Martin Pitt, 2015-03-31
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Martin Pitt, 2015-03-30
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Jamie Strandboge, 2015-03-30
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Tyler Hicks, 2015-03-30
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Martin Pitt, 2015-03-30
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Martin Pitt, 2015-03-30
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Martin Pitt, 2015-03-30
-
[Bug 1438249] Re: /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Martin Pitt, 2015-03-30
-
[Bug 1438249] [NEW] /sbin/dhclient is unconfined after switch to systemd (aka, equivalent of upstart's network-interface-security.conf not implemented)
From: Jamie Strandboge, 2015-03-30
References