[opensuse-factory] Factory 12.1 : trouble with pam_apparmor
I log lot's of Jul 17 21:33:42 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to postgres hat: Operation not permitted Jul 17 21:34:08 localhost login[3497]: pam_apparmor(login:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:36:00 localhost login[4656]: pam_apparmor(login:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:37:56 localhost login[4884]: pam_apparmor(login:session): Unknown error occurred changing to ioda hat: Opération non permise Jul 17 21:41:35 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:41:50 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:42:18 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:42:35 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:42:50 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:43:39 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:00 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:15 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:18 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:30 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:44 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:55 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:44:55 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:46:47 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:47:23 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:48:17 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:48:59 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:49:15 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:49:21 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:49:58 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:50:03 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:50:10 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:50:17 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 17 21:52:27 localhost login[3499]: pam_apparmor(login:session): Unknown error occurred changing to ioda hat: Opération non permise Jul 17 21:54:09 localhost kdm: :0[6271]: pam_apparmor(xdm:session): Unknown error occurred changing to ioda hat: Operation not permitted Jul 18 08:14:08 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:14:43 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:14:47 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:15:00 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:17:33 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:20:54 localhost sudo: pam_apparmor(sudo:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:25:17 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:26:13 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to root hat: Opération non permise Jul 18 08:48:32 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to root hat: Opération non permise Opération non permise = Operation non permitted When I've tried the new F5 -> systemd boot I just get a console and when I try to login I just get also this message and cannot boot. Anybody see that too ? Disabling apparmor seems to help in that case, but should be considered as a bad idea no ? ps : proper systemd trace and log will follow -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch openSUSE Member & Ambassador GPG KEY : D5C9B751C4653227 irc: tigerfoot -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
Hello, on Montag, 18. Juli 2011, Bruno Friedmann wrote:
Jul 17 21:33:42 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to postgres hat: Operation not permitted
Does your /var/log/audit/audit.log contain useful hints? It might be that you "just" have a too strict profile... (If unsure, upload the audit.log somewhere and post the link.) Regards, Christian Boltz --
Ich an seiner Stelle hätte den Fotografen reallife geplonkt. Wie entsteht denn in "reallife" dein *PLONK*? Beim Einschlag der Faust auf dem Auge? man "Ernst August" [Torsten Wiens und Cornell Binder in datr-s] -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
On 07/18/2011 10:07 AM, Christian Boltz wrote:
Hello,
on Montag, 18. Juli 2011, Bruno Friedmann wrote:
Jul 17 21:33:42 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to postgres hat: Operation not permitted
Does your /var/log/audit/audit.log contain useful hints? It might be that you "just" have a too strict profile...
(If unsure, upload the audit.log somewhere and post the link.)
Regards,
Christian Boltz
Here it is http://dl.dropbox.com/u/13333867/openSUSE/factory_pam-apparmor_errors.audit.... I didn't touch the profile of apparmor, just the full plain default after a factory 12.1 M3 install -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch openSUSE Member & Ambassador GPG KEY : D5C9B751C4653227 irc: tigerfoot -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
Hello, on Montag, 18. Juli 2011, Bruno Friedmann wrote:
On 07/18/2011 10:07 AM, Christian Boltz wrote:
on Montag, 18. Juli 2011, Bruno Friedmann wrote:
Jul 17 21:33:42 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to postgres hat: Operation not permitted
Does your /var/log/audit/audit.log contain useful hints? It might be that you "just" have a too strict profile...
http://dl.dropbox.com/u/13333867/openSUSE/factory_pam-apparmor_errors.audit....
I didn't touch the profile of apparmor, just the full plain default after a factory 12.1 M3 install
Quoting some lines from your audit.log: type=AVC msg=audit(1310976216.909:29): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=2099 comm="su" type=AVC msg=audit(1310976249.728:30): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=3612 comm="login" type=AVC msg=audit(1310978281.361:30): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=3096 comm="kdm" Looks like my guess was correct ;-) Please - run cp -a /etc/apparmor.d /etc/apparmor.d_ORIG - run aa_logprof and allow the requested permissions - run diff -ru /etc/apparmor.d_ORIG/ /etc/apparmor.d/ > /tmp/apparmor.diff - open a bugreport, attach /tmp/apparmor.diff and your audit.log. Please CC me (just type "cboltz" in the CC field) or tell me the bug number. Regards, Christian Boltz --
Habt ihr noch einen Vorschlag, wie ich das System beschleunigen könnte? Aus dem Fenster werfen. Beschleunigung mit 9,82 m/s² [> Jan Voehringer und Holger Krull in suse-linux] -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
On 07/18/2011 02:54 PM, Christian Boltz wrote:
Hello,
on Montag, 18. Juli 2011, Bruno Friedmann wrote:
On 07/18/2011 10:07 AM, Christian Boltz wrote:
on Montag, 18. Juli 2011, Bruno Friedmann wrote:
Jul 17 21:33:42 localhost su: pam_apparmor(su-l:session): Unknown error occurred changing to postgres hat: Operation not permitted
Does your /var/log/audit/audit.log contain useful hints? It might be that you "just" have a too strict profile...
http://dl.dropbox.com/u/13333867/openSUSE/factory_pam-apparmor_errors.audit....
I didn't touch the profile of apparmor, just the full plain default after a factory 12.1 M3 install
Quoting some lines from your audit.log:
type=AVC msg=audit(1310976216.909:29): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=2099 comm="su" type=AVC msg=audit(1310976249.728:30): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=3612 comm="login" type=AVC msg=audit(1310978281.361:30): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=3096 comm="kdm"
Looks like my guess was correct ;-)
Please - run cp -a /etc/apparmor.d /etc/apparmor.d_ORIG - run aa_logprof and allow the requested permissions - run diff -ru /etc/apparmor.d_ORIG/ /etc/apparmor.d/ > /tmp/apparmor.diff - open a bugreport, attach /tmp/apparmor.diff and your audit.log. Please CC me (just type "cboltz" in the CC field) or tell me the bug number.
Regards,
Christian Boltz
Hi Christian, I've not forget, just a yet another damned busy week :-) After pushing your recommendations I get this aa-logprof Reading log entries from /var/log/audit/audit.log. Updating AppArmor profiles in /etc/apparmor.d. c-3po:~ # cat /tmp/apparmor.diff Which suppose aren't really helpful ... Did one of the week update in factory fix it The most annoying, is when I try to setup something in Yast2 actually, I've errors like frontend & backend not synchronized etc... I will try to purge app_armor, then setup it again just to be sure. But this install is quite new and I normally doesn't touch anything in it. -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch openSUSE Member & Ambassador GPG KEY : D5C9B751C4653227 irc: tigerfoot -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
participants (2)
-
Bruno Friedmann
-
Christian Boltz