[Bug 1658233] Re: missing apparmor rules
Andreas Hasenack
andreas at canonical.com
Tue Aug 20 12:44:23 UTC 2019
eoan will have mysql-8 soon, so I installed it from proposed to verify.
These are the DENIED messages I got right after installation:
[ 580.067210] audit: type=1400 audit(1566304971.013:90): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=8427 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 580.068837] audit: type=1400 audit(1566304971.017:91): apparmor="DENIED" operation="capable" profile="/usr/sbin/mysqld" pid=8427 comm="mysqld" capability=2 capname="dac_read_search"
[ 580.088987] audit: type=1107 audit(1566304971.037:92): pid=688 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/systemd1" interface="org.freedesktop.systemd1.Manager" member="GetDynamicUsers" mask="send" name="org.freedesktop.systemd1" pid=8427 label="/usr/sbin/mysqld" peer_pid=1 peer_label="unconfined"
exe="/usr/bin/dbus-daemon" sauid=103 hostname=? addr=? terminal=?'
[ 580.091224] audit: type=1400 audit(1566304971.037:93): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/etc/ssl/openssl.cnf" pid=8427 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=110 ouid=0
[ 580.104218] audit: type=1400 audit(1566304971.053:94): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=8428 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=110 ouid=0
[ 580.347414] audit: type=1400 audit(1566304971.293:95): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/etc/ssl/openssl.cnf" pid=8428 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=110 ouid=0
[ 580.861280] audit: type=1400 audit(1566304971.809:96): apparmor="DENIED" operation="mknod" profile="/usr/sbin/mysqld" name="/run/mysqld/mysqlx.sock.lock" pid=8428 comm="mysqld" requested_mask="c" denied_mask="c" fsuid=110 ouid=110
** Also affects: mysql-8.0 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: mysql-8.0 (Ubuntu)
Status: New => Triaged
** Changed in: mysql-8.0 (Ubuntu)
Importance: Undecided => Medium
** Tags added: server-next
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to mysql-5.7 in Ubuntu.
Matching subscriptions: main
https://bugs.launchpad.net/bugs/1658233
Title:
missing apparmor rules
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1658233/+subscriptions
More information about the Ubuntu-server-bugs
mailing list