rsyslog's apparmor profile is missing a rule for systemd integration

Bug #1530483 reported by Simon Déziel
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
rsyslog (Ubuntu)
Fix Released
Medium
Jamie Strandboge

Bug Description

After enabling rsyslog's apparmor profile, it fails to start because of an Apparmor denial:

  audit: type=1400 audit(1451684240.442:25): apparmor="DENIED" operation="sendmsg" profile="/usr/sbin/rsyslogd" name="/run/systemd/notify" pid=2746 comm="rsyslogd" requested_mask="w" denied_mask="w" fsuid=105 ouid=0

Adding the rule "/run/systemd/notify w," fixes the problem.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: rsyslog 8.14.0-2ubuntu1
ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3
Uname: Linux 4.3.0-5-generic x86_64
ApportVersion: 2.19.3-0ubuntu2
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Jan 1 16:41:15 2016
SourcePackage: rsyslog
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Simon Déziel (sdeziel) wrote :
Changed in rsyslog (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → High
status: New → In Progress
importance: High → Medium
Changed in rsyslog (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package rsyslog - 8.14.0-2ubuntu2

---------------
rsyslog (8.14.0-2ubuntu2) xenial; urgency=medium

  * debian/usr.sbin.rsyslogd: allow 'w' on /run/systemd/notify (LP: #1530483)

 -- Jamie Strandboge <email address hidden> Tue, 05 Jan 2016 09:51:20 -0600

Changed in rsyslog (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.