http://bugzilla.opensuse.org/show_bug.cgi?id=1088736 Bug ID: 1088736 Summary: apparmor denies net_admin capability to smb, nmb and winbindd Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: openSUSE Factory Status: NEW Severity: Normal Priority: P5 - None Component: Samba Assignee: samba-maintainers@SuSE.de Reporter: susebugzilla@sajj.de QA Contact: samba-maintainers@SuSE.de Found By: --- Blocker: --- Hi there, updated yesterday to the latest TW snapshot VERSION_ID="20180406", but this seems to be happening since 20180404, as somebody in factory mailing list writes. After that smb, nmb and winbindd won't start, but instead throw errors. Looks, like apparmor denying some capability "net_admin". There is some bug from 2016, https://bugzilla.opensuse.org/show_bug.cgi?id=991901 which sounds similar, but is in state new/needinfo since 2017. alpha:~ # systemctl status smb ● smb.service - Samba SMB Daemon Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Mon 2018-04-09 19:49:51 CEST; 22s ago Process: 6652 ExecStart=/usr/sbin/smbd $SMBDOPTIONS (code=exited, status=1/FAILURE) Process: 6648 ExecStartPre=/usr/share/samba/update-apparmor-samba-profile (code=exited, status=0/SUCCESS) Main PID: 6652 (code=exited, status=1/FAILURE) Status: "daemon failed to start: Failed to create session" Error: 1 (Die Operation ist nicht erlaubt) AppArmor audit.log says: type=AVC msg=audit(1523296191.449:596): apparmor="DENIED" operation="capable" profile="/usr/sbin/smbd" pid=6652 comm="smbd" capability=12 capname="net_admin" type=AVC msg=audit(1523296254.959:597): apparmor="DENIED" operation="capable" profile="/usr/sbin/nmbd" pid=6667 comm="nmbd" capability=12 capname="net_admin" type=AVC msg=audit(1523296296.570:598): apparmor="DENIED" operation="capable" profile="/usr/sbin/winbindd" pid=6737 comm="winbindd" capability=12 capname="net_admin" Regards, Andreas -- You are receiving this mail because: You are on the CC list for the bug.