[Bug 289060] Re: named bind9 apparmor profile error
Christophe Vandeplas
christophe at vandeplas.com
Sat Oct 25 13:40:25 BST 2008
** Description changed:
Binary package hint: bind9
Bind doesn't start when IPv6 is enabled.
/var/log/messages tells me this:
Oct 25 12:42:53 minerva kernel: [ 2229.682759] type=1503 audit(1224931373.808:14): operation="inode_permission" requested_mask="::r" denied_mask="::r" fsuid=103 name="/proc/5722/net/if_inet6" pid=5723 profile="/usr/sbin/named"
This means apparmor is blocking access to the /proc/XXXX/net/if_inet6
file
Apparmor has the following configuration:
/etc/apparmor.d/usr.sbin.named:27: /proc/net/if_inet6 r,
This line should be changed in: /proc/**/net/if_inet6 r,
Restarting apparmor and bind with the new apparmor configuration
confirms it works now.
+
+ Ubuntu 8.10 \n \l
+ Bind
+ Architecture: i386
+ Version: 1:9.5.0.dfsg.P2-1ubuntu2
+
+ Package: apparmor-profiles
+ Architecture: i386
+ Source: apparmor
+ Version: 2.3+1289-0ubuntu4
--
named bind9 apparmor profile error
https://bugs.launchpad.net/bugs/289060
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list