[Bug 1689387] Re: SSSD Prevented from Notifying Systemd on Startup by Apparmor
Andreas Hasenack
andreas at canonical.com
Mon Jun 19 20:59:30 UTC 2017
Did you change the apparmor profile to be in enforcing mode? By default
it's in complain mode as far as I can see:
lrwxrwxrwx 1 root root 16 Jun 19 20:48 /etc/apparmor.d/force-
complain/usr.sbin.sssd -> ../usr.sbin.sssd
That being said, I can see at least one more missing rule, this time for the chown capability:
[ 1690.540498] audit: type=1400 audit(1497905549.525:43): apparmor="ALLOWED" operation="capable" profile="/usr/sbin/sssd" pid=9946 comm="sssd" capability=0 capname="chown"
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1689387
Title:
SSSD Prevented from Notifying Systemd on Startup by Apparmor
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1689387/+subscriptions
More information about the Ubuntu-server-bugs
mailing list