PermissionError for AppArmor Profiles i.e., SSH
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I have created an AppArmor profile for SSH.
The profile is created successfully but each time I run aa-logprof it gives PermissionError: [Errno 13]
An example of the error:
<pre>Traceback (most recent call last):
File "/usr/sbin/
tool.
File "/usr/lib/
apparmor.
File "/usr/lib/
change_
File "/usr/lib/
set_
File "/usr/lib/
os.
PermissionError: [Errno 13] Permission denied: '/etc/apparmor.
</pre>
Please consider reporting a bug at https:/
and attach this file.
+++++++
Traceback (most recent call last):
File "/usr/sbin/
apparmor.
File "/usr/lib/
save_profiles()
File "/usr/lib/
write_
File "/usr/lib/
write_
File "/usr/lib/
newprof = tempfile.
File "/usr/lib/
(fd, name) = _mkstemp_inner(dir, prefix, suffix, flags, output_type)
File "/usr/lib/
fd = _os.open(file, flags, 0o600)
PermissionError: [Errno 13] Permission denied: '/etc/apparmor.
An unexpected error occurred!
For details, see /tmp/apparmor-bug report-5qnjyx3t.txt
Please consider reporting a bug at https:/
and attach this file.
+++++++
+++++++
root@protegrity
Profile for /etc/apparmor.
Profile for /etc/apparmor.
Setting /etc/apparmor.
Profile for /etc/apparmor.
Profile for /etc/apparmor.
Setting /etc/apparmor.
Setting /etc/apparmor.
Traceback (most recent call last):
File "/usr/sbin/
tool.
File "/usr/lib/
apparmor.
File "/usr/lib/
change_
File "/usr/lib/
set_
File "/usr/lib/
temp_file = tempfile.
File "/usr/lib/
(fd, name) = _mkstemp_inner(dir, prefix, suffix, flags, output_type)
File "/usr/lib/
fd = _os.open(file, flags, 0o600)
PermissionError: [Errno 13] Permission denied: '/etc/apparmor.
An unexpected error occurred!
For details, see /tmp/apparmor-
Please consider reporting a bug at https:/
and attach this file.
+++++++
Secondly, once I accept this denial, AppArmor repeatedly gives similar denials for almost every profile.
I am using a security product and running it on Debian 9.
root@protegrity
9.9
I expect that these denials should not occur repeatedly.
Please do check.
Also, I am creating/ running as root.