10.04 odd apparmor behavior with chrooted bind

Serge Hallyn serge.hallyn at canonical.com
Thu Oct 21 19:49:49 UTC 2010


Quoting Aaron Bennett (abennett at clarku.edu):
> Hi,
> 
> I'm trying to get a chrooted bind working with apparmor.  
> 
> My problem is bind9 fails to start with "named:  chroot(): Permission denied" -- which tells me that I've got a problem with my apparmor profile.  However, if I do this:

Interesting - could you run that in 'strace -f' so we can see exactly
what fails?  The profile sure seems to be granting CAP_CHROOT...

I'd recommend opening a bug so the apparmor folks see it.

thanks,
-serge




More information about the ubuntu-server mailing list