[Bug 1171838] Re: Last nights isc-dhcp-server update fails to start
Robert E Blair
reblair at operamail.com
Fri May 17 18:04:42 UTC 2013
I have had this issue off and on for a couple of weeks. After much tearing of hair and gnashing of teeth I believe I fixed it. In the upstart configuration for isc-dhcp-server there is no stanza of the form:
/lib/init/apparmor-profile-load usr.sbin.dhcpd
I don't know about systems running NM but if you have a dhcp server running likely you don't want NM taking your connections up and down (I remob\ved NM from this system and statically configure the network) but the apparmor profile likely needs to be there in cases where the network is statically configured. The apparmor configuration likely is loaded too late on these systems and this causes much grief.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1171838
Title:
Last nights isc-dhcp-server update fails to start
Status in “isc-dhcp” package in Ubuntu:
Fix Released
Status in “isc-dhcp” source package in Quantal:
Fix Released
Bug description:
== Rational ==
The recent isc-dhcp SRU to quantal introduced a patch that fixes cases where checksum offloading would cause the checksum to be empty by having dhcpd re-calculate the checksum in those case.
This requires dhcpd to use raw sockets, unfortunately I forgot to
allow those in the apparmor profile.
I've had 3 report so far of people who got a broken dhcpd post-upgrade
and I suspect the number to be far higher.
The fix simply copies the apparmor profile as we have it in raring
which allows the extra socket type.
== Test case ==
1) Install dhcpd on a machine that does checksum offloading (virtual machine with virtio for example) or uses infiniband
2) Check that dhcpd starts
== Regression potential ==
This is a direct copy of the apparmor profile from raring. The dmesg entry below quite clearly matches the socket type, so I don't expect any regression to happen.
--- Original bug report ---
This is Ubuntu 12.10
Start-Date: 2013-04-22 20:48:32
Commandline: apt-get --assume-yes dist-upgrade
Upgrade: isc-dhcp-client:i386 (4.2.4-1ubuntu10.1, 4.2.4-1ubuntu10.2), isc-dhcp-common:i386 (4.2.4-1ubuntu10.1, 4.2.4-1ubuntu10.2), isc-dhcp-server:i386 (4.2.4-1ubuntu10.1, 4.2.4-1ubuntu10.2)
End-Date: 2013-04-22 20:49:28
I forced a downgrade to the previous packages isc-dhcp-client_4.2.4-1ubuntu10.1_i386.deb
isc-dhcp-common_4.2.4-1ubuntu10.1_i386.deb isc-dhcp-server_4.2.4-1ubuntu10.1_i386.deb and it is working now.
Here a few of the log entries from when it was working to when it
stopped working:
Apr 22 20:27:57 io dhcpd: DHCPACK to 192.168.2.98 (00:1f:d0:d0:ed:50) via eth1
Apr 22 20:38:00 io dhcpd: DHCPINFORM from 192.168.2.98 via eth1
Apr 22 20:38:00 io dhcpd: DHCPACK to 192.168.2.98 (00:1f:d0:d0:ed:50) via eth1
Apr 22 20:48:02 io dhcpd: DHCPINFORM from 192.168.2.98 via eth1
Apr 22 20:48:02 io dhcpd: DHCPACK to 192.168.2.98 (00:1f:d0:d0:ed:50) via eth1
Apr 22 20:49:21 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 31 leases to leases file.
Apr 22 20:49:21 io dhcpd: Open a socket for LPF: Permission denied
Apr 22 20:49:21 io kernel: [168459.938698] type=1400 audit(1366678161.188:42): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2443 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 22 20:49:21 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 31 leases to leases file.
Apr 22 20:49:21 io dhcpd: Open a socket for LPF: Permission denied
Apr 22 20:49:21 io kernel: [168460.091513] type=1400 audit(1366678161.340:43): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2482 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 22 20:49:21 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 31 leases to leases file.
Apr 22 20:49:21 io dhcpd: Open a socket for LPF: Permission denied
Apr 22 20:49:21 io kernel: [168460.404076] type=1400 audit(1366678161.656:44): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2491 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 22 20:49:21 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 31 leases to leases file.
Apr 22 20:49:21 io dhcpd: Open a socket for LPF: Permission denied
Apr 22 20:49:21 io kernel: [168460.487047] type=1400 audit(1366678161.736:45): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2498 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 22 20:49:21 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 22 20:49:21 io dhcpd: Wrote 31 leases to leases file.
Apr 22 20:49:21 io dhcpd: Open a socket for LPF: Permission denied
pr 23 07:14:39 io dhcpd: Wrote 31 leases to leases file.
Apr 23 07:14:40 io dhcpd: Open a socket for LPF: Permission denied
Apr 23 07:14:40 io kernel: [ 49.077715] type=1400 audit(1366715680.165:46): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=1817 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 23 07:14:40 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 23 07:14:40 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 23 07:14:40 io dhcpd: Wrote 31 leases to leases file.
Apr 23 07:14:40 io dhcpd: Open a socket for LPF: Permission denied
Apr 23 07:14:40 io kernel: [ 49.248752] type=1400 audit(1366715680.337:47): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=1892 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 23 07:14:40 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 23 07:14:40 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 23 07:14:40 io dhcpd: Wrote 31 leases to leases file.
Apr 23 07:14:40 io dhcpd: Open a socket for LPF: Permission denied
Apr 23 07:14:40 io kernel: [ 49.509316] type=1400 audit(1366715680.597:48): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2101 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 23 07:14:40 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 23 07:14:40 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 23 07:14:40 io dhcpd: Wrote 31 leases to leases file.
Apr 23 07:14:41 io dhcpd: Open a socket for LPF: Permission denied
Apr 23 07:14:41 io kernel: [ 49.956465] type=1400 audit(1366715681.045:49): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2119 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 23 07:14:41 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 23 07:14:41 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 23 07:14:41 io dhcpd: Wrote 31 leases to leases file.
Apr 23 07:14:41 io dhcpd: Open a socket for LPF: Permission denied
Apr 23 07:14:41 io kernel: [ 50.147287] type=1400 audit(1366715681.237:50): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2139 comm="dhcpd" family="packet" sock_type="raw" protocol=768
Apr 23 07:14:41 io dhcpd: Wrote 0 deleted host decls to leases file.
Apr 23 07:14:41 io dhcpd: Wrote 0 new dynamic host decls to leases file.
Apr 23 07:14:41 io dhcpd: Wrote 31 leases to leases file.
Apr 23 07:14:41 io dhcpd: Open a socket for LPF: Permission denied
Apr 23 07:14:41 io kernel: [ 50.332243] type=1400 audit(1366715681.421:51): apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/dhcpd" pid=2154 comm="dhcpd" family="packet" sock_type="raw" protocol=768
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1171838/+subscriptions
More information about the foundations-bugs
mailing list