[Bug 2061726] Re: rsyslog apparmor denial on reading /proc/sys/net/ipv6/conf/all/disable_ipv6

Ravi Kant Sharma 2061726 at bugs.launchpad.net
Thu Apr 25 09:02:04 UTC 2024 

** Tags removed: rls-nn-incoming

** Also affects: apparmor (Ubuntu)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/2061726

Title:
  rsyslog apparmor denial on reading
  /proc/sys/net/ipv6/conf/all/disable_ipv6

Status in apparmor package in Ubuntu:
  New
Status in rsyslog package in Ubuntu:
  New

Bug description:
  One of our Cockpit integration tests [1] spotted an AppArmor
  regression in rsyslogd. This is coincidental, the test passes and it
  doesn't do anything with rsyslogd -- just something happens to happen
  in the background to trigger this (and I can actually reproduce it
  locally quite reliably).

  
  Mar 08 10:48:20 m1.cockpit.lan systemd[1]: dpkg-db-backup.service: Deactivated successfully.
  Mar 08 10:48:20 m1.cockpit.lan systemd[1]: Finished dpkg-db-backup.service - Daily dpkg database backup service.
  Mar 08 10:48:20 m1.cockpit.lan systemd[1]: rsyslog.service: Sent signal SIGHUP to main process 752 (rsyslogd) on client request.
  Mar 08 10:48:20 m1.cockpit.lan kernel: audit: type=1400 audit(1615200500.418:125): apparmor="DENIED" operation="open" class="file" profile="rsyslogd" name="/proc/sys/net/ipv6/conf/all/disable_ipv6" pid=752 comm="rsyslogd" requested_mask="r" denied_mask="r" fsuid=102 ouid=0
  Mar 08 10:48:20 m1.cockpit.lan kernel: audit: type=1400 audit(1615200500.418:126): apparmor="DENIED" operation="open" class="file" profile="rsyslogd" name="/proc/sys/net/ipv6/conf/all/disable_ipv6" pid=752 comm="rsyslogd" requested_mask="r" denied_mask="r" fsuid=102 ouid=0

  
  This happens on current Ubuntu 24.04 LTS noble devel, rsyslog 8.2312.0-3ubuntu8 and apparmor 4.0.0-beta3-0ubuntu3.

  [1] https://cockpit-logs.us-east-1.linodeobjects.com/pull-20317-ce39e07e-20240415-204952-ubuntu-stable-other/log.html#152
  [2] https://cockpit-logs.us-east-1.linodeobjects.com/pull-20317-ce39e07e-20240415-204952-ubuntu-stable-other/TestHistoryMetrics-testEvents-ubuntu-stable-127.0.0.2-2901-FAIL.log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2061726/+subscriptions

More information about the foundations-bugs mailing list