Ubuntu
apparmor package

  1. Bug #1830502
  2. Activity log

Activity log for bug #1830502

Date Who What changed Old value New value Message
2019-05-25 22:25:22 Ian Johnson bug added bug
2019-05-29 16:32:49 Ian Johnson attachment added layouts-test-1 https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1830502/+attachment/5267420/+files/layouts-test-1
2019-05-29 20:15:31 Ian Johnson attachment added snapcraft.yaml https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1830502/+attachment/5267473/+files/snapcraft.yaml
2019-05-29 20:47:00 Ian Johnson summary apparmor fails to start with no parser errors apparmor uses excessive memory leading to oom kill
2019-05-29 20:48:44 Ian Johnson description On Ubuntu 18.04.2 LTS Desktop, after running out of space on my disk, my system was unable to finish booting and I had to go into recovery mode and remove a number of files before the system would boot. After doing so I discovered that now the apparmor.service systemd unit always fails to start. I see this in dmesg: [ 1066.975360] Out of memory: Kill process 6799 (apparmor_parser) score 796 or sacrifice child [ 1066.975364] Killed process 6799 (apparmor_parser) total-vm:15057348kB, anon-rss:15046148kB, file-rss:0kB, shmem-rss:0kB [ 1067.406595] oom_reaper: reaped process 6799 (apparmor_parser), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB Whenever apparmor.service is attempted to be started by systemd, i.e. either on boot, or later with `systemctl start apparmor`. The log from journalctl doesn't show any actual issues with any profiles just this: -- Reboot -- May 25 17:00:58 systemd[1]: Starting AppArmor initialization... May 25 17:00:58 apparmor[1521]: * Starting AppArmor profiles May 25 17:00:58 apparmor[1521]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox May 25 17:00:58 apparmor[1521]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd May 25 17:01:40 apparmor[1521]: ...fail! May 25 17:01:40 systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a May 25 17:01:40 systemd[1]: apparmor.service: Failed with result 'exit-code'. May 25 17:01:40 systemd[1]: Failed to start AppArmor initialization. May 25 17:04:53 systemd[1]: Starting AppArmor initialization... May 25 17:04:53 apparmor[4747]: * Starting AppArmor profiles May 25 17:04:53 apparmor[4747]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox May 25 17:04:53 apparmor[4747]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd May 25 17:05:25 apparmor[4747]: ...fail! May 25 17:05:25 systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a May 25 17:05:25 systemd[1]: apparmor.service: Failed with result 'exit-code'. May 25 17:05:25 systemd[1]: Failed to start AppArmor initialization. I can see that apparmor profiles are active after doing this (using aa-status), but it's still troubling that apparmor runs into an issue without actually saying what the error is. When attempting to load the profile from comment #7, apparmor uses excessive amounts of memory leading to being killed by the OOM killer and thus the apparmor.service failing. Original bug description: On Ubuntu 18.04.2 LTS Desktop, after running out of space on my disk, my system was unable to finish booting and I had to go into recovery mode and remove a number of files before the system would boot. After doing so I discovered that now the apparmor.service systemd unit always fails to start. I see this in dmesg: [ 1066.975360] Out of memory: Kill process 6799 (apparmor_parser) score 796 or sacrifice child [ 1066.975364] Killed process 6799 (apparmor_parser) total-vm:15057348kB, anon-rss:15046148kB, file-rss:0kB, shmem-rss:0kB [ 1067.406595] oom_reaper: reaped process 6799 (apparmor_parser), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB Whenever apparmor.service is attempted to be started by systemd, i.e. either on boot, or later with `systemctl start apparmor`. The log from journalctl doesn't show any actual issues with any profiles just this: -- Reboot -- May 25 17:00:58 systemd[1]: Starting AppArmor initialization... May 25 17:00:58 apparmor[1521]: * Starting AppArmor profiles May 25 17:00:58 apparmor[1521]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox May 25 17:00:58 apparmor[1521]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd May 25 17:01:40 apparmor[1521]: ...fail! May 25 17:01:40 systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a May 25 17:01:40 systemd[1]: apparmor.service: Failed with result 'exit-code'. May 25 17:01:40 systemd[1]: Failed to start AppArmor initialization. May 25 17:04:53 systemd[1]: Starting AppArmor initialization... May 25 17:04:53 apparmor[4747]: * Starting AppArmor profiles May 25 17:04:53 apparmor[4747]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox May 25 17:04:53 apparmor[4747]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd May 25 17:05:25 apparmor[4747]: ...fail! May 25 17:05:25 systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a May 25 17:05:25 systemd[1]: apparmor.service: Failed with result 'exit-code'. May 25 17:05:25 systemd[1]: Failed to start AppArmor initialization. I can see that apparmor profiles are active after doing this (using aa-status), but it's still troubling that apparmor runs into an issue without actually saying what the error is.
2019-10-22 20:14:42 Launchpad Janitor apparmor (Ubuntu): status New Confirmed
2019-10-22 20:14:54 Ivan Baldo bug added subscriber Ivan Baldo
2019-10-26 04:35:49 Brandon Silver bug added subscriber Brandon Silver
2019-12-17 19:43:55 Jamie Strandboge bug task added apparmor
2019-12-17 19:44:04 Jamie Strandboge apparmor: status New Confirmed
2020-04-23 11:28:18 Harald Weidner bug added subscriber Harald Weidner