Ubuntu
rsyslog package

  1. Bug #2009230
  2. Activity log

Activity log for bug #2009230

Date Who What changed Old value New value Message
2023-03-03 21:12:20 Georgia Garcia bug added bug
2023-03-03 21:19:32 Georgia Garcia bug task added gce-compute-image-packages (Ubuntu)
2023-03-03 21:21:40 Georgia Garcia description The AppArmor profile for rsyslog, which had been disabled on previous Ubuntu versions, was enabled in lunar. The package google-compute-engine added a config file to rsyslog which requires rw access to /dev/console google:ubuntu-23.04-64 /root# cat /etc/rsyslog.d/90-google.conf # Google Compute Engine default console logging. # # daemon: logging from Google provided daemons. # kern: logging information in case of an unexpected crash during boot. # daemon,kern.* /dev/console google:ubuntu-23.04-64 /root# apt-file search /etc/rsyslog.d/90-google.conf google-compute-engine: /etc/rsyslog.d/90-google.conf So in gce cloud images, we are getting the following denials: [ 1500.302082] audit: type=1400 audit(1677876883.728:495): apparmor="DENIED" operation="open" class="file" profile="rsyslogd" name="/dev/console" pid=603 comm=72733A6D61696E20513A526567 requested_mask="ac" denied_mask="ac" fsuid=101 ouid=0 To fix it, we just need to add /dev/console rw, to /etc/apparmor.d/usr.sbin.rsyslogd The AppArmor profile for rsyslog, which had been disabled on previous Ubuntu versions, was enabled in lunar. The package google-compute-engine added a config file to rsyslog which requires rw access to /dev/console google:ubuntu-23.04-64 /root# cat /etc/rsyslog.d/90-google.conf # Google Compute Engine default console logging. # # daemon: logging from Google provided daemons. # kern: logging information in case of an unexpected crash during boot. # daemon,kern.* /dev/console google:ubuntu-23.04-64 /root# apt-file search /etc/rsyslog.d/90-google.conf google-compute-engine: /etc/rsyslog.d/90-google.conf So in gce cloud images, we are getting the following denials: [ 1500.302082] audit: type=1400 audit(1677876883.728:495): apparmor="DENIED" operation="open" class="file" profile="rsyslogd" name="/dev/console" pid=603 comm=72733A6D61696E20513A526567 requested_mask="ac" denied_mask="ac" fsuid=101 ouid=0 To fix it, we just need to add   /dev/console rw, to /etc/apparmor.d/usr.sbin.rsyslogd or the same permission should be added to a file in /etc/apparmor.d/rsyslog.d/ by the google-compute-engine package
2023-03-03 21:22:07 Georgia Garcia nominated for series Ubuntu Lunar
2023-03-03 21:22:07 Georgia Garcia bug task added rsyslog (Ubuntu Lunar)
2023-03-03 21:22:07 Georgia Garcia bug task added gce-compute-image-packages (Ubuntu Lunar)
2023-03-03 21:32:38 Andreas Hasenack bug added subscriber Andreas Hasenack
2023-03-07 15:10:36 Philip Roche bug added subscriber Philip Roche
2023-03-24 21:29:16 Launchpad Janitor merge proposal linked https://code.launchpad.net/~georgiag/ubuntu/+source/rsyslog/+git/rsyslog/+merge/439655
2023-03-31 16:35:56 Launchpad Janitor rsyslog (Ubuntu Lunar): status New Fix Released