Bug ID 1207698
Summary apparmor prevents nscd to be used with systemd-userdb
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component AppArmor
Assignee suse-beta@cboltz.de
Reporter fcrozat@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

If systemd-userdb is used to configure some users (config files are stored in
either /etc/userdb/, /run/userdb/, /run/host/userdb/ and /usr/lib/userdb/ ),
apparmor blocks the access to those files for nscd which reports those users
are unavailable.

type=AVC msg=audit(1674829305.461:248): apparmor="DENIED" operation="open"
profile="nscd" name="/etc/userdb/gdm.user" pid=764 comm="nscd"
requested_mask="r" denied_mask="r" fsuid=477 ouid=0

type=AVC msg=audit(1674829500.449:278): apparmor="DENIED" operation="open"
profile="nscd" name="/etc/userdb/" pid=764 comm="nscd" requested_mask="r"
denied_mask="r" fsuid=477 ouid=0


those directories should be whitelisted

You are receiving this mail because: