Ubuntu
volatildap package

DEP8 fails due to apparmor restriction

Bug #1858800 reported by Andreas Hasenack
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
volatildap (Ubuntu)
Fix Released
Undecided
Andreas Hasenack

Bug Description

The volatildap DEP8 tests have been failing "forever" because of the slapd apparmor profile, which (correctly) prevents slapd from reading/writing to the directory that the test suite sets up:

apparmor="DENIED" operation="open" namespace="root//lxd-autopkgtest-lxd-kwrndt_<var-snap-lxd-common-lxd>" profile="/usr/sbin/slapd" name="/tmp/tmp15zext9c/slapd.conf" pid=27408 comm="slapd" requested_mask="r" denied_mask="r" fsuid=1000000 ouid=1000000

We could disable apparmor before the run, or add a local set of rules prior to the test pointing at that temporary directory. Something like this in /etc/apparmor.d/local/usr.sbin.slapd:
  /tmp/<tmpdir>/** rwk,

and then restart apparmor, or reload the profile (via sudo apparmor_parser -r /etc/apparmor.d/profile.name)

See original description

Related branches

~ahasenack/ubuntu/+source/volatildap:focal-volatildap-apparmor-dep8
Lucas Kanashiro (community): Approve
Canonical Server MOTU reviewers: Pending requested
Diff: 75 lines (+39/-3)
4 files modified
debian/changelog (+8/-0)
debian/control (+2/-1)
debian/tests/control (+2/-2)
debian/tests/run-tests (+27/-0)
Andreas Hasenack (ahasenack)
description: updated
description: updated
description: updated
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package volatildap - 1.3.0-2ubuntu2

---------------
volatildap (1.3.0-2ubuntu2) focal; urgency=medium

  * d/t/run-tests: only amend the apparmor profile if apparmor is
    installed and enabled.

volatildap (1.3.0-2ubuntu1) focal; urgency=medium

  * d/t/control, d/t/run-tests: amend the slapd apparmor profile
    to allow the tests to use /tmp/** for the slapd daemon
    (LP: #1858800)

 -- Andreas Hasenack <email address hidden> Thu, 09 Jan 2020 20:44:59 -0300

Changed in volatildap (Ubuntu):
status: New → Fix Released
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I regressed this in lunar by mistakenly syncing the package. I missed this piece of delta.

Changed in volatildap (Ubuntu):
status: Fix Released → In Progress
assignee: nobody → Andreas Hasenack (ahasenack)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package volatildap - 1.5.0-2ubuntu1

---------------
volatildap (1.5.0-2ubuntu1) lunar; urgency=medium

  * d/t/control, d/t/run-tests: amend the slapd apparmor profile
    to allow the tests to use /tmp/** for the slapd daemon
    (LP: #1858800)

 -- Andreas Hasenack <email address hidden> Sat, 17 Dec 2022 11:38:36 -0300

Changed in volatildap (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.