[apparmor] [Bug 749727] Re: ntpd daemon request capability "dac_override"
c
749727 at bugs.launchpad.net
Sun Apr 3 23:52:27 UTC 2011
mine is same as yours
$ ls -la /etc/ntp.conf
-rw-r--r-- 1 root root 1633 2010-11-15 07:10 /etc/ntp.conf
$ ls -la /var/lib/ntp/ntp.drift
-rw-r--r-- 1 ntp ntp 7 2011-04-04 07:00 /var/lib/ntp/ntp.drift
$ ls -la /var/run/ntpd.pid
-rw-r--r-- 1 root root 4 2011-04-04 06:00 /var/run/ntpd.pid
$ ls -la /var/log/ntpstats
total 8
drwxr-xr-x 2 ntp ntp 4096 2010-08-07 08:36 .
drwxr-xr-x 17 root root 4096 2011-04-04 07:35 ..
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/749727
Title:
ntpd daemon request capability "dac_override"
Status in AppArmor Linux application security framework:
New
Status in NTP:
New
Bug description:
Environment: Ubuntu Desktop x64 10.10
The following message is observed in syslog
Apr 3 17:47:22 universe kernel: [ 20.235357] type=1400
audit(1301824042.778:24): apparmor="DENIED" operation="capable"
parent=1 profile="/usr/sbin/ntpd" pid=1459 comm="ntpd" capability=1
capname="dac_override"
either apparmor security profile is too restrictive or daemon "ntpd"
has bug
More information about the AppArmor
mailing list