You have been subscribed to a public bug by Robie Basak (racb):
Hi, since I upgraded from XUbuntu 15.04 to 15.10 I started to get a lot
of apparmor complains about dovecot. The complains were more or less
like this:
operation="connect" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/anvil-auth-penalty" comm="auth" requested_mask="wr"
denied_mask="wr" fsuid=0 ouid=0
operation="connect" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/auth-worker" comm="auth" requested_mask="wr"
denied_mask="wr" fsuid=117 ouid=117
operation="file_perm" profile="/usr/lib/dovecot/anvil"
name="/run/dovecot/anvil-auth-penalty" comm="anvil" requested_mask="r"
denied_mask="r" fsuid=117 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/anvil"
name="/run/dovecot/anvil" comm="anvil" requested_mask="r" denied_mask="r"
fsuid=117 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/anvil"
name="/run/dovecot/anvil" comm="anvil" requested_mask="w" denied_mask="w"
fsuid=117 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/anvil-auth-penalty" comm="auth" requested_mask="w"
denied_mask="w" fsuid=0 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/auth-master" comm="auth" requested_mask="w" denied_mask="w"
fsuid=117 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/auth-worker" comm="auth" requested_mask="r" denied_mask="r"
fsuid=0 ouid=117
operation="file_perm" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/auth-worker" comm="auth" requested_mask="w" denied_mask="w"
fsuid=117 ouid=117
operation="file_perm" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/login/login" comm="auth" requested_mask="r" denied_mask="r"
fsuid=117 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/auth"
name="/run/dovecot/login/login" comm="auth" requested_mask="w" denied_mask="w"
fsuid=117 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/imap"
name="/run/dovecot/login/imap" comm="imap" requested_mask="r" denied_mask="r"
fsuid=0 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/imap"
name="/run/dovecot/login/imap" comm="imap" requested_mask="w" denied_mask="w"
fsuid=0 ouid=0
operation="file_perm" profile="/usr/lib/dovecot/ssl-params"
name="/run/dovecot/login/ssl-params" comm="ssl-params" requested_mask="w"
denied_mask="w" fsuid=0 ouid=0
operation="file_receive" profile="/usr/lib/dovecot/imap" comm="imap"
family="unix" sock_type="stream" protocol=0 requested_mask="send receive"
denied_mask="send receive" addr=none peer_addr=none
peer="/usr/lib/dovecot/imap-login"
operation="file_receive" profile="/usr/lib/dovecot/imap-login" comm="imap"
family="unix" sock_type="stream" protocol=0 requested_mask="send receive"
denied_mask="send receive" addr=none peer_addr=none peer="/usr/lib/dovecot/imap"
operation="signal" profile="/usr/sbin/dovecot" comm="dovecot"
requested_mask="send" denied_mask="send" signal=int peer="/usr/lib/dovecot/auth"
To avoid them, I added some stuff to the /etc/apparmor.d/local directory, patch
attached.
ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: dovecot-core 1:2.2.18-2ubuntu2
ProcVersionSignature: Ubuntu 4.2.0-17.21-generic 4.2.3
Uname: Linux 4.2.0-17-generic x86_64
ApportVersion: 2.19.1-0ubuntu4
Architecture: amd64
CurrentDesktop: XFCE
Date: Sun Nov 1 19:42:56 2015
InstallationDate: Installed on 2012-11-11 (1085 days ago)
InstallationMedia: Xubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.1)
SourcePackage: dovecot
UpgradeStatus: Upgraded to wily on 2015-11-01 (0 days ago)
** Affects: dovecot (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug patch wily
--
Apparmor complains about multiple /run/dovecot file access
https://bugs.launchpad.net/bugs/1512131
You received this bug notification because you are a member of Ubuntu Server
Team, which is subscribed to the bug report.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
