ntpd wants to read /etc/gai.conf

Bug #202991 reported by William Grant on 2008-03-16
Affects: apparmor (Ubuntu)
Assigned to: Kees Cook

Bug Description

Binary package hint: apparmor

I often get lines like the following in my syslog:

Mar 17 08:23:53 irranat kernel: [ 656.177844] audit(1205702633.448:595): operation="inode_permission" request_mask="r::" denied_mask="r::" name="/etc/gai.conf" pid=25847 profile="/usr/sbin/ntpd" namespace="default"

Apparently the file should be added to abstractions/nameservice.

Kees Cook (kees) wrote :

Thanks! I've got this in the branch for the next apparmor upload.

Changed in apparmor:
assignee: nobody → keescook
importance: Undecided → Low
milestone: none → ubuntu-8.04
status: New → Fix Committed

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.1+1075-0ubuntu6

apparmor (2.1+1075-0ubuntu6) hardy; urgency=low

  [ Kees Cook ]
  * utils/SubDomain.pm:
    - fix up mask parsing to match kernel version (LP: #202920).
    - fix up syslog parsing regexp to match broken kernels (LP: #202888).
  * profiles/apparmor.d/abstractions/base: add licenses path for reading.
  * profiles/apparmor.d/abstractions/freedesktop.org: include /usr/local.
  * profiles/apparmor.d/usr.sbin.smbd: include print client abstraction.
  * profiles/apparmor.d/abstractions/nameservice: include missing gai.conf
    (LP: #202991).

  [ Jamie Strandboge ]
  * add Debian Policy compliant way to toggle complain mode (LP: #203137)
    - parser/rc.apparmor.functions: add '-C' to PARSER_ARGS if
      force-complain/<profile> exists
    - utils/enforce: remove symlink in force-complain/
    - debian/rules: create /etc/apparmor.d/force-complain

 -- Kees Cook <email address hidden> Mon, 17 Mar 2008 10:28:23 -0700

Changed in apparmor:
status: Fix Committed → Fix Released
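
The denial line quoted in the bug description, parsed into a candidate AppArmor file rule. This is an added example, not part of the bug report or of the apparmor package. The function names and the second and third sample lines are constructed, and reading the permission letters from denied_mask by dropping the colons is an assumption about this kernel's mask format.

```python
import re
from collections import defaultdict

# First line is the denial from the report; the other two are constructed.
SAMPLE_SYSLOG = [
    'Mar 17 08:23:53 irranat kernel: [ 656.177844] audit(1205702633.448:595): '
    'operation="inode_permission" request_mask="r::" denied_mask="r::" '
    'name="/etc/gai.conf" pid=25847 profile="/usr/sbin/ntpd" namespace="default"',
    'Mar 17 08:29:10 irranat kernel: [ 973.004112] audit(1205702950.102:601): '
    'operation="inode_permission" request_mask="r::" denied_mask="r::" '
    'name="/etc/gai.conf" pid=25901 profile="/usr/sbin/ntpd" namespace="default"',
    'Mar 17 08:30:01 irranat CRON[26001]: session opened for user root',
]

AUDIT = re.compile(r'audit\((\d+\.\d+):(\d+)\):\s*(.*)$')
# Matches both quoted values (name="...") and bare ones (pid=25847).
KEYVAL = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_denial(line):
    """Return the fields of one AppArmor denial, or None for other lines."""
    m = AUDIT.search(line)
    if not m:
        return None
    fields = {k: (q if q else b) for k, q, b in KEYVAL.findall(m.group(3))}
    if not {"denied_mask", "name", "profile"} <= fields.keys():
        return None
    # Assumption: permission letters are whatever remains once ':' is dropped.
    perms = "".join(sorted(set(fields["denied_mask"].replace(":", ""))))
    if not perms:
        return None
    return {"time": float(m.group(1)), "serial": int(m.group(2)),
            "profile": fields["profile"], "name": fields["name"],
            "perms": perms, "pid": int(fields.get("pid", 0))}

def candidate_rules(lines):
    """Group denials by profile and emit one 'path perms,' rule per path."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in lines:
        d = parse_denial(line)
        if d:
            seen[d["profile"]][d["name"]].update(d["perms"])
    return {profile: [f"{path} {''.join(sorted(p))}," for path, p in sorted(paths.items())]
            for profile, paths in seen.items()}

if __name__ == "__main__":
    for profile, rules in candidate_rules(SAMPLE_SYSLOG).items():
        print(profile, rules)
```

A rule produced this way is a candidate to review before it goes into a profile or a shared abstraction such as abstractions/nameservice, since an abstraction grants the access to every profile that includes it.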