| 2009-02-03 00:17:47 |
Tim Southerwood |
bug |
|
|
added bug |
| 2009-02-03 00:17:47 |
Tim Southerwood |
bug |
|
|
added attachment 'cups-info.tar.bz2' (cups-info.tar.bz2) |
| 2009-02-03 16:13:21 |
Till Kamppeter |
bug |
|
|
added subscriber Martin Pitt |
| 2009-02-13 09:28:58 |
Martin Pitt |
cupsys: status |
New |
Incomplete |
|
| 2009-02-13 09:28:58 |
Martin Pitt |
cupsys: assignee |
|
pitti |
|
| 2009-02-13 09:28:58 |
Martin Pitt |
cupsys: statusexplanation |
|
Can you please reproduce the situation that caused an error before, and attach /var/log/kern.log? This will show me the exact violations that cause this. Thanks! |
|
| 2009-02-16 08:34:31 |
Martin Pitt |
cupsys: status |
Incomplete |
In Progress |
|
| 2009-02-16 08:34:31 |
Martin Pitt |
cupsys: title |
Bug #324645 in cupsys (Ubuntu): "Hardy i386 Cupsd crash with SIGSEGV with PAM/Kerberos Auth" |
Bug #324645 in cups (Ubuntu): "Hardy i386 Cupsd crash with SIGSEGV with PAM/Kerberos Auth" |
|
| 2009-02-16 08:34:31 |
Martin Pitt |
cupsys: importance |
Undecided |
Medium |
|
| 2009-02-16 08:34:31 |
Martin Pitt |
cupsys: bugtargetname |
cupsys (Ubuntu) |
cups (Ubuntu) |
|
| 2009-02-16 08:34:31 |
Martin Pitt |
cupsys: statusexplanation |
Can you please reproduce the situation that caused an error before, and attach /var/log/kern.log? This will show me the exact violations that cause this. Thanks! |
> audit(1234518067.729:18152): type=1503 operation="inode_permission"
> requested_mask="w::" denied_mask="w::" name="/etc/krb5.conf" pid=12486
> profile="/usr/sbin/cupsd" namespace="default"
This looks worrysome. Why does it want to write ("w") krb5.conf? ...
> Then I add "/etc/krb5.conf r," to app-armour for usr.sbin.cupsd
Anyway, you only gave it read permissions, which should really be sufficient. Since you say that works, all is great.
'k' means "lock", BTW, i. .e you can call flock() on a file. It's rather harmless.
So I'll add those changes to the cups profile.
Thank you! |
|
| 2009-02-16 08:34:31 |
Martin Pitt |
cupsys: bugtargetdisplayname |
cupsys (Ubuntu) |
cups (Ubuntu) |
|
| 2009-02-16 08:34:57 |
Martin Pitt |
title |
Hardy i386 Cupsd crash with SIGSEGV with PAM/Kerberos Auth |
Fix apparmor profile for Kerberos |
|
| 2009-03-10 12:09:01 |
Martin Pitt |
cups: status |
In Progress |
Fix Committed |
|
| 2009-03-10 12:09:01 |
Martin Pitt |
cups: statusexplanation |
> audit(1234518067.729:18152): type=1503 operation="inode_permission"
> requested_mask="w::" denied_mask="w::" name="/etc/krb5.conf" pid=12486
> profile="/usr/sbin/cupsd" namespace="default"
This looks worrysome. Why does it want to write ("w") krb5.conf? ...
> Then I add "/etc/krb5.conf r," to app-armour for usr.sbin.cupsd
Anyway, you only gave it read permissions, which should really be sufficient. Since you say that works, all is great.
'k' means "lock", BTW, i. .e you can call flock() on a file. It's rather harmless.
So I'll add those changes to the cups profile.
Thank you! |
|
|
| 2009-03-10 13:00:06 |
Launchpad Janitor |
cups: status |
Fix Committed |
Fix Released |
|
