cups-pdf 2.6.1-9 not able to lookup domain user because apparmor profile
I use cups-pdf for years now. But now it's no longer able to lookup users from domain.
lookup user by getent passwd works fine.
lookup user by wbinfo works fine.
Login with domain user works fine.
kinit username works, too.
But cups-pdf with log level 7 tells: unknown user (admin)
It's regardless of wether I use UserPrefix MYDOMAIN\ or leave it blank.
Just the output of the log file differs to: unknown user (MYDOMAIN\admin)
After long time of searching around in all log files I tried to set apparmor profile use.sbin.cupsd to complain mode.
That fixes my problem.
But what I have to change in apparmor profile to switch back to enforce mode?
I don't get any logging by complain, enforce or audit mode in /var/log/syslog.
It looks like getpwnam or another method used in cups-pdf.c is restricted by apparmor in Ubuntu 14.04.1 LTS.
I use the default cups-pdf.conf and default usr.sbin.cupsd apparmor profile.
|affects:||cups-pdf (Ubuntu) → cups (Ubuntu)|
|Changed in cups (Ubuntu):|
|status:||New → Incomplete|