[Bug 596859] [NEW] ntp profile denies write access to serial devices
Paul Crawford
psc at sat.dundee.ac.uk
Mon Jun 21 13:20:50 BST 2010
Public bug reported:
Binary package hint: ntp
While reporting and testing for bug #596010 using the 10.04 release
candidate I found that the intended user-tunable apparmor options in
/etc/apparmor.d/tunables/ntpd do not work correctly due to the settings
in /etc/apparmor.d/usr.sbin.ntpd including them with read-only
permission.
While it might initially seem reasonable that you just 'read' the time
from a serial port GPS or similar, in practice most of the drivers for
serial clocks also need write-access to configure and/or poll them for
the time.
I found that changing line 35 in /etc/apparmor.d/usr.sbin.ntpd from:
@{NTPD_DEVICE} r,
to this:
@{NTPD_DEVICE} rw,
seems to fix things so allowing /dev/ttyS* in the tunables works OK.
** Affects: ntp (Ubuntu)
Importance: Undecided
Status: New
--
ntp profile denies write access to serial devices
https://bugs.launchpad.net/bugs/596859
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in ubuntu.
More information about the Ubuntu-server-bugs
mailing list