msg='apparmor="DENIED" operation="dbus_method_call"

Bug #1628835 reported by dino99 on 2016-09-29
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned

Bug Description

Get some apparmor 'DENIED' messages logged when booting with 4.8.0-17 kernel; this was not happening with some previous versions (at least 4.8.0-12) and no other upgrades can explain such apparmor messages, so blaming the kernel.

 oem@u64:~$ journalctl | grep DENIED

Sep 29 08:11:52 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:52 u64 kernel: audit: type=1107 audit(1475129512.681:27): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:53 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:53 u64 kernel: audit: type=1107 audit(1475129513.581:28): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:54 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:54 u64 kernel: audit: type=1107 audit(1475129514.585:29): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:55 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:55 u64 kernel: audit: type=1107 audit(1475129515.124:30): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Note: i wonder if there is a relationship with the previous logged line before that error appear:
ntpd[1282]: Soliciting pool server .....

ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: linux-image-4.8.0-17-generic 4.8.0-17.19
ProcVersionSignature: Ubuntu 4.8.0-17.19-generic 4.8.0-rc7
Uname: Linux 4.8.0-17-generic x86_64
NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia
ApportVersion: 2.20.3-0ubuntu7
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC1: oem 2213 F.... pulseaudio
 /dev/snd/pcmC0D0p: oem 2213 F...m pulseaudio
 /dev/snd/controlC0: oem 2213 F.... pulseaudio
CurrentDesktop: GNOME
Date: Thu Sep 29 10:58:44 2016
HibernationDevice: RESUME=UUID=0a9ca7f0-6eeb-4b21-b70f-670fa600de16
IwConfig:
 lo no wireless extensions.

 eth1 no wireless extensions.

 eth0 no wireless extensions.
Lsusb:
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
 Bus 003 Device 002: ID 046d:c062 Logitech, Inc. M-UAS144 [LS1 Laser Mouse]
 Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
 Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: ASUSTEK COMPUTER INC P5W DH Deluxe
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.8.0-17-generic root=UUID=7c755ed6-51cc-4b75-88ac-9c75acf82749 ro
RelatedPackageVersions:
 linux-restricted-modules-4.8.0-17-generic N/A
 linux-backports-modules-4.8.0-17-generic N/A
 linux-firmware 1.161
RfKill:

SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/22/2010
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 3002
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: P5W DH Deluxe
dmi.board.vendor: ASUSTeK Computer INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr3002:bd07/22/2010:svnASUSTEKCOMPUTERINC:pnP5WDHDeluxe:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP5WDHDeluxe:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
dmi.product.name: P5W DH Deluxe
dmi.product.version: System Version
dmi.sys.vendor: ASUSTEK COMPUTER INC

dino99 (9d9) wrote :

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Joseph Salisbury (jsalisbury) wrote :

Did this issue start happening after an update/upgrade? Was there a prior kernel version where you were not having this particular problem?

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v4.8 kernel[0].

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.8

Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Incomplete
dino99 (9d9) wrote :

The first bug description sentence said it all: ... started with 4.8.0.17

and now using the final 4.8 kernel release (4.8.0.20) i also get the same errors logged.

Looks like a very close message was met some times ago:
 https://bugs.launchpad.net/ubuntu/+source/linux-mako/+bug/1473584

tags: added: kernel-bug-exists-upstream
Changed in linux (Ubuntu):
status: Incomplete → Confirmed
dino99 (9d9) on 2016-10-04
description: updated
dino99 (9d9) wrote :

The root cause seems related to the apparmor tcpdump profile Bug #1632399

Tyler Hicks (tyhicks) wrote :

Not quite. The root cause of these denials is the switch over to systemd-resolved for name resolution. This is being tracked in bug #1598759. The kernel is not at fault so I'm marking the linux task as invalid.

Changed in linux (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers