mythtv schedules broken due apparmor mysql profile

Thomas, can you adjust these lines in /etc/apparmor.d/abstractions/user-tmp:
  owner /var/tmp/ rw,
  owner /tmp/ rw,

to be:
  /var/tmp/ rw,
  /tmp/ rw,

Then do:
$ sudo apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.mysqld

Then restart apparmor then mysql. Rebooting would be easiest (but make sure mysqld is still confined with 'sudo aa-status').

Please report back. I also recommend The abstraction is clearly too strict and will be fixed in the apparmor package, but after making the change an adjustment may still be needed for mysql.

This bug was fixed in the package apparmor - 2.5.1~pre1393-0ubuntu3

---------------
apparmor (2.5.1~pre1393-0ubuntu3) maverick; urgency=low

  * debian/patches/0002-lp615177.patch: 'owner' match in commit 1406 too
    strict for /tmp/ and /var/tmp/ (LP: #615177)
 -- Jamie Strandboge <email address hidden> Mon, 09 Aug 2010 10:17:05 -0500

Thomas, actually, if you can test after upgrading to 2.5.1~pre1393-0ubuntu3, that would be even better. Thanks!

Moin moin Jamie

2.5.1~pre1393-0ubuntu3 fixed the problem!
IMHO, bug may be closed.

regards,
thomas

Accepted apparmor into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Lucid not affected. This was an iteration of fix for bug #578922. Does not regress with 2.5.1-0ubuntu0.10.04.1 in lucid-proposed.

This bug was fixed in the package apparmor - 2.5.1-0ubuntu0.10.04.1

---------------
apparmor (2.5.1-0ubuntu0.10.04.1) lucid-proposed; urgency=low

  * Backport 2.5.1-0ubuntu0.10.10.1 from maverick for userspace tools to work
    with newer kernels (LP: #660077)
    NOTE: user-tmp now uses 'owner' match, so non-default profiles will have
    to be adjusted when 2 separately confined applications that both use the
    user-tmp abstraction depend on being able to cooperatively share files
    with each other in /tmp or /var/tmp.
  * remove the following patches (features not appropriate for SRU):
    - 0002-add-chromium-browser.patch
    - 0003-local-includes.patch
    - 0004-ubuntu-abstractions-updates.patch
  * debian/rules (this makes it the same as what was shipped in 10.04 LTS
    release):
    - don't ship aa-update-browser and its man page (requires
      0004-ubuntu-abstractions-updates.patch)
    - don't ship apparmor.d/local/ (requires 0003-local-includes.patch)
    - don't use dh_apparmor (not in Ubuntu 10.04 LTS)
    - don't ship chromium profile
  * remove debian/profiles/chromium-browser
  * remove debian/aa-update-browser*
  * debian/apparmor-profiles.postinst: revert to that in lucid release
    (requires dh_apparmor and 0002-add-chromium-browser.patch)
  * remove debian/apparmor-profiles.postrm: doesn't make sense without
    0002-add-chromium-browser.patch
  * debian/control:
    - revert Build-Depends on debhelper (>= 5)
    - revert Standards-Version to 3.8.4
    - revert Vcs-Bzr
    - use Conflicts/Replaces version that was in Ubuntu 10.04 LTS
  * debian/patches/0011-lucid-compat-dbus.patch: move /var/lib/dbus/machine-id
    back into dbus, since profiles on 10.04 LTS expect it there
  * debian/patches/0012-lucid-compat-kde.patch: add kde4-config to kde
    abstraction, since the firefox profile on Ubuntu 10.04 LTS expects it to
    be there

apparmor (2.5.1-0ubuntu0.10.10.2) maverick-proposed; urgency=low

  * New upstream release (LP: #660077)
    - The following patches were refreshed:
      + 0001-fix-release.patch
      + 0003-local-includes.patch
      + 0004-ubuntu-abstractions-updates.patch
      + 0008-lp648900.patch: renamed as 0005-lp648900.patch
    - The following patches were dropped (included upstream):
      + 0005-lp601583.patch
      + 0006-network-interface-enumeration.patch
      + 0007-gnome-updates.patch
  * debian/patches/0006-testsuite-fixes.patch: testsuite fixes from head
    of 2.5 branch. These are needed for QRT and SRU testing (LP: #652211)
  * debian/patches/0007-honor-cflags.patch: have the parser makefile honor
    CFLAGS environment variable. Brings back missing symbols for the retracer
  * debian/patches/0008-lp652674.patch: fix warnings for messages without
    denied or requested masks (LP: #652674)
  * debian/apparmor.init: fix path to aa-status (LP: #654841)
  * debian/apport/source_apparmor.py: apport hook should use
    root_command_hook() for running apparmor_status (LP: #655529)
  * debian/apport/source_apparmor.py: use ProcKernelCmdline and don't clobber
    cmdline details (LP: #657091)
  * debian/{rules,control}: move apache2 abstractions into the base package
    so we can put ...

please send me apparmorfix released

please send me apparmorfix released, and i am using ubuntu 10.04

please send me apparmorfix released, and i am using ubuntu 10.04 server

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".