[Bug 1005062] [NEW] dhcpd cannot READ /var/run/dhcpd.pid because of bad apparmor config

Serge 1005062 at bugs.launchpad.net
Sun May 27 04:08:07 UTC 2012


Public bug reported:

apparmor="DENIED" operation="open" parent=31445
profile="/usr/sbin/dhcpd" name="/run/dhcp-server/dhcpd.pid" pid=31446
comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=121 ouid=121


AppArmor config for dhcpd:
/{,var/}run/{,dhcp-server/}dhcpd{,6}.pid w,

dhcpd needs access to read the pid file, in server/dhcpd.c:


                /*Read previous pid file. */
                if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) {
                        status = read(i, pbuf, (sizeof pbuf) - 1);
                        close (i);
                        if (status > 0) {
                                pbuf[status] = 0;
                                pid = atoi(pbuf);

                                /*
                                 * If there was a previous server process and
                                 * it is still running, abort
                                 */
                                if (!pid ||
                                    (pid != getpid() && kill(pid, 0) == 0))
                                        log_fatal("There's already a "
                                                  "DHCP server running.");
                        }
                }

This bug is present in precise and in natty.

** Affects: isc-dhcp (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: apparmor

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1005062
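
The mismatch reported above can be checked mechanically. The following is an added example, not part of the original report or of the isc-dhcp or AppArmor code: it parses the quoted denial record, expands the brace alternations of the quoted profile rule, and reports which requested permissions the rule fails to grant. The function names and RULE_RW (a hypothetical corrected rule, not the fix shipped by Ubuntu) are assumptions, and only non-nested {a,b} alternations are expanded.

```python
import re
import shlex

# Denial record and profile rule copied from the bug report above.
DENIAL = ('apparmor="DENIED" operation="open" parent=31445 '
          'profile="/usr/sbin/dhcpd" name="/run/dhcp-server/dhcpd.pid" pid=31446 '
          'comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=121 ouid=121')
RULE = "/{,var/}run/{,dhcp-server/}dhcpd{,6}.pid w,"
# Assumption: a hypothetical corrected rule, not the fix shipped by Ubuntu.
RULE_RW = "/{,var/}run/{,dhcp-server/}dhcpd{,6}.pid rw,"


def parse_denial(line):
    """Split an AppArmor audit record into a dict of its key=value fields."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)


def expand_braces(pattern):
    """Expand non-nested {a,b} alternations; other AppArmor globs are not handled."""
    m = re.search(r"\{([^{}]*)\}", pattern)
    if not m:
        return [pattern]
    out = []
    for alt in m.group(1).split(","):
        out.extend(expand_braces(pattern[:m.start()] + alt + pattern[m.end():]))
    return out


def parse_rule(rule):
    """Return (concrete paths, set of permission letters) for a file rule."""
    path, perms = rule.rstrip(", \t").rsplit(None, 1)
    return expand_braces(path), set(perms)


def missing_perms(denial_line, rule):
    """Requested permissions the rule does not grant; None if the path is not covered."""
    rec = parse_denial(denial_line)
    paths, granted = parse_rule(rule)
    if rec["name"] not in paths:
        return None
    return set(rec["requested_mask"]) - granted


if __name__ == "__main__":
    print("missing with w rule: ", missing_perms(DENIAL, RULE))
    print("missing with rw rule:", missing_perms(DENIAL, RULE_RW))
```
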
