apparmor blocking smbd which is in complain mode
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Won't Fix
|
Medium
|
Andreas Hasenack | ||
Bionic |
Won't Fix
|
Medium
|
Andreas Hasenack |
Bug Description
This error is occurring because samba is working in user profile and folder '/run/samba/
aravind@comp:~$ tail -f /var/log/syslog | grep -i apparmor
Sep 25 21:25:36 comp kernel: [ 4535.034713] audit: type=1400 audit(150635493
Sep 25 21:25:36 comp kernel: [ 4535.034719] audit: type=1400 audit(150635493
Sep 25 21:27:39 comp kernel: [ 4657.984668] audit: type=1400 audit(150635505
Sep 25 21:27:39 comp kernel: [ 4657.984675] audit: type=1400 audit(150635505
Sep 25 21:27:39 comp kernel: [ 4657.984679] audit: type=1400 audit(150635505
Sep 25 21:27:39 comp kernel: [ 4657.984684] audit: type=1400 audit(150635505
Sep 25 21:27:39 comp kernel: [ 4657.991838] audit: type=1400 audit(150635505
^C
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apparmor 2.10.95-0ubuntu2.7
ProcVersionSign
Uname: Linux 4.10.0-35-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.1-0ubuntu2.10
Architecture: amd64
CurrentDesktop: Unity
Date: Mon Sep 25 21:27:07 2017
ProcKernelCmdline: BOOT_IMAGE=
SourcePackage: apparmor
Syslog:
Sep 25 10:34:40 comp dbus[1174]: [system] AppArmor D-Bus mediation is enabled
Sep 25 18:34:05 comp dbus[1083]: [system] AppArmor D-Bus mediation is enabled
Sep 25 20:10:24 comp dbus[1066]: [system] AppArmor D-Bus mediation is enabled
UpgradeStatus: No upgrade log present (probably fresh install)
affects: | apparmor (Ubuntu) → samba (Ubuntu) |
description: | updated |
tags: | added: server-next |
Changed in samba (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in samba (Ubuntu Xenial): | |
status: | New → Triaged |
Changed in samba (Ubuntu Bionic): | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in samba (Ubuntu Xenial): | |
importance: | Undecided → Medium |
This is fixed in AppArmor bzr since
revno: 3437.1.4
timestamp: Wed 2016-04-13 09:24:46 -0400
usr.sbin.smbd: new lock dir used by recent versions (4.3.8)
so you'll "just" need to backport the smbd profile to 16.04.