Comment 17 for bug 1373070

LGB [Gábor Lénárt] (lgb) wrote :

Same problem with powerdns, I can't run it with an apparmor profile, because it complains:

operation="sendmsg" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/pdns_server" name="run/systemd/journal/dev-log" pid=17236 comm="pdns_server" requested_mask="w" denied_mask="w" fsuid=0 ouid=0

I am not an expert, but I tried to put run/systemd/journal/dev-log into the profile, but it is not accepted as it does not start with / ... But this is what the kernel log suggests, so what can I do otherwise?

Note: I have: /usr/sbin/pdns_server flags=(complain,attach_disconnected)

But still ... (now I have only complain mode).

If I exclude pdns from systemd it works btw, and no wonder as it seems the problem is somehow connected to systemd's journal, so it's better not to use systemd if possible since it renders apparmor unusable in my experience :( But for sure, I would be more than happy to have a better option, rather than deleting systemd's unit file each time after upgrading pdns ... Or so.

This is an up-to-date Ubuntu 16.04.3 LTS 64 bit, fresh install, but I have about a dozen servers with this problem with different daemons as well, not only powerdns.
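
An added example, not part of the original comment and not AppArmor's own tooling: a Python script that parses denial lines like the one quoted above and counts, per profile, those that report a disconnected path with a name lacking the leading /, which helps triage when several daemons are affected. The second sample line and the profile /usr/sbin/exampled are constructed for contrast.

```python
import re
from collections import Counter

# Constructed sample: the first line is the denial quoted in the comment above,
# the second is a made-up ordinary denial (absolute name) for contrast.
SAMPLE_LOG = [
    'operation="sendmsg" info="Failed name lookup - disconnected path" error=-13 '
    'profile="/usr/sbin/pdns_server" name="run/systemd/journal/dev-log" pid=17236 '
    'comm="pdns_server" requested_mask="w" denied_mask="w" fsuid=0 ouid=0',
    'operation="open" profile="/usr/sbin/exampled" name="/etc/example.conf" '
    'pid=4242 comm="exampled" requested_mask="r" denied_mask="r" fsuid=0 ouid=0',
]

# key=value pairs; values are either double-quoted (may contain spaces) or bare.
FIELD_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_fields(line):
    """Split an AppArmor audit message into a dict of key -> value."""
    fields = {}
    for key, value in FIELD_RE.findall(line):
        if value.startswith('"'):
            value = value[1:-1]  # strip the surrounding quotes
        fields[key] = value
    return fields


def is_disconnected(fields):
    """True for a denial that reports a disconnected path with a relative name."""
    return ("disconnected path" in fields.get("info", "")
            and not fields.get("name", "/").startswith("/"))


def summarize(lines):
    """Count disconnected-path denials per (profile, name, denied_mask)."""
    hits = Counter()
    for line in lines:
        f = parse_fields(line)
        if is_disconnected(f):
            hits[(f.get("profile"), f.get("name"), f.get("denied_mask"))] += 1
    return hits


if __name__ == "__main__":
    for (profile, name, mask), count in summarize(SAMPLE_LOG).items():
        print(f"{count}x profile={profile} name={name} denied_mask={mask}")
```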