Ubuntu
rsyslog package

  1. Bug #1766600
  2. Comment #0

Comment 0 for bug 1766600

Revision history for this message
Jamie Strandboge (jdstrand) wrote : [bionic] apparmor denial for rsyslog modules in multiarch directory

With the new bionic upload, when the apparmor profile is enabled, rsyslog fails to start due to:

AVC apparmor="DENIED" operation="file_mmap" profile="/usr/sbin/rsyslogd" name="/usr/lib/x86_64-linux-gnu/rsyslog/lmnet.so" pid=19949 comm="rsyslogd" requested_mask="m" denied_mask="m" fsuid=0 ouid=0

The profile has this rule:

  /usr/lib{,32,64}/rsyslog/*.so mr,

but the new upload puts modules in /usr/lib/x86_64-linux-gnu/rsyslog so this rule should be adjusted to:

  /usr/lib{,32,64}/{,@multiarch/}rsyslog/*.so mr,