Ubuntu
mysql-8.0 package

mysqld DENIED audit messages for /proc/sys/kernel/random/boot_id (apparmor)

Bug #1879382 reported by falstaff on 2020-05-18

This bug report is a duplicate of: Bug #1872564: /proc/sys/kernel/random/boot_id rule missing from abstractions/nameservice. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	mysql-8.0 (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

It seems that mysqld tries to access /proc/sys/kernel/random/boot_id and is not allowed to:

May 18 20:56:21 quak kernel: [555114.509781] audit: type=1400 audit(1589828181.471:518548): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/sys/kernel/random/boot_id" pid=2209903 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: mysql-server 8.0.20-0ubuntu0.20.04.1
ProcVersionSignature: Ubuntu 5.4.0-29.33-generic 5.4.30
Uname: Linux 5.4.0-29-generic x86_64
ApportVersion: 2.20.11-0ubuntu27
Architecture: amd64
CasperMD5CheckResult: skip
Date: Mon May 18 20:49:04 2020
Logs.var.log.daemon.log:

MySQLConf.etc.mysql.conf.d.mysql.cnf: [mysql]
MySQLConf.etc.mysql.conf.d.mysqld_safe_syslog.cnf:
[mysqld_safe]
syslog
MySQLConf.etc.mysql.conf.d.mysqldump.cnf:
[mysqldump]
quick
quote-names
max_allowed_packet = 16M
MySQLConf.etc.mysql.mysql.conf.d.mysqld_safe_syslog.cnf:
[mysqld_safe]
syslog
MySQLVarLibDirListing: False
PackageArchitecture: all
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=de_CH.UTF-8
SHELL=/bin/bash
SourcePackage: mysql-8.0
UpgradeStatus: Upgraded to focal on 2020-05-12 (6 days ago)

Tags:

Revision history for this message

falstaff (falstaff) wrote on 2020-05-18:

.etc.apparmor.d.usr.sbin.mysqld.txt Edit (2.0 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (2.3 KiB, text/plain; charset="utf-8")
KernLog.txt Edit (255.9 KiB, text/plain; charset="utf-8")
Logs.var.log.mysql.error.log.txt Edit (15.6 MiB, text/plain; charset="utf-8")
MySQLConf.etc.mysql.my.cnf.txt Edit (4.2 KiB, text/plain; charset="utf-8")
MySQLConf.etc.mysql.mysql.cnf.txt Edit (682 bytes, text/plain; charset="utf-8")
MySQLConf.etc.mysql.mysql.conf.d.mysql.cnf.txt Edit (132 bytes, text/plain; charset="utf-8")
MySQLConf.etc.mysql.mysql.conf.d.mysqld.cnf.txt Edit (2.1 KiB, text/plain; charset="utf-8")
ProcCpuinfoMinimal.txt Edit (780 bytes, text/plain; charset="utf-8")

Revision history for this message

falstaff (falstaff) wrote on 2020-05-18:

As the log actually states, the problem was that another instance of mysqld was using the port:

Can't start server: Bind on TCP/IP port: Address already in use

I am still leaving this issue open as the appamore DENIED operation might be something which should be fixed in the apparmor profile.

summary:

- mysqld not starting after upgrade (apparmor)
+ mysqld DENIED audit messages for /proc/sys/kernel/random/boot_id
+ (apparmor)

Jamie Strandboge (jdstrand) on 2020-05-19

Changed in mysql-8.0 (Ubuntu):
status:	New → Confirmed

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1872564 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntumysql-8.0 package