Ubuntu
linux package

msg='apparmor="DENIED" operation="dbus_method_call"

Bug #1628835 reported by dino99
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Medium
Unassigned

Bug Description

Get some apparmor 'DENIED' messages logged when booting with 4.8.0-17 kernel; this was not happening with some previous versions (at least 4.8.0-12) and no other upgrades can explain such apparmor messages, so blaming the kernel.

 oem@u64:~$ journalctl | grep DENIED

Sep 29 08:11:52 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:52 u64 kernel: audit: type=1107 audit(1475129512.681:27): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:53 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:53 u64 kernel: audit: type=1107 audit(1475129513.581:28): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:54 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:54 u64 kernel: audit: type=1107 audit(1475129514.585:29): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:55 u64 audit[840]: USER_AVC pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Sep 29 08:11:55 u64 kernel: audit: type=1107 audit(1475129515.124:30): pid=840 uid=101 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" path="/org/freedesktop/resolve1" interface="org.freedesktop.resolve1.Manager" member="ResolveHostname" mask="send" name="org.freedesktop.resolve1" pid=1287 label="/usr/sbin/ntpd" peer_pid=1024 peer_label="unconfined"

Note: i wonder if there is a relationship with the previous logged line before that error appear:
ntpd[1282]: Soliciting pool server .....

ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: linux-image-4.8.0-17-generic 4.8.0-17.19
ProcVersionSignature: Ubuntu 4.8.0-17.19-generic 4.8.0-rc7
Uname: Linux 4.8.0-17-generic x86_64
NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia
ApportVersion: 2.20.3-0ubuntu7
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC1: oem 2213 F.... pulseaudio
 /dev/snd/pcmC0D0p: oem 2213 F...m pulseaudio
 /dev/snd/controlC0: oem 2213 F.... pulseaudio
CurrentDesktop: GNOME
Date: Thu Sep 29 10:58:44 2016
HibernationDevice: RESUME=UUID=0a9ca7f0-6eeb-4b21-b70f-670fa600de16
IwConfig:
 lo no wireless extensions.

 eth1 no wireless extensions.

 eth0 no wireless extensions.
Lsusb:
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
 Bus 003 Device 002: ID 046d:c062 Logitech, Inc. M-UAS144 [LS1 Laser Mouse]
 Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
 Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: ASUSTEK COMPUTER INC P5W DH Deluxe
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.8.0-17-generic root=UUID=7c755ed6-51cc-4b75-88ac-9c75acf82749 ro
RelatedPackageVersions:
 linux-restricted-modules-4.8.0-17-generic N/A
 linux-backports-modules-4.8.0-17-generic N/A
 linux-firmware 1.161
RfKill:

SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/22/2010
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 3002
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: P5W DH Deluxe
dmi.board.vendor: ASUSTeK Computer INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr3002:bd07/22/2010:svnASUSTEKCOMPUTERINC:pnP5WDHDeluxe:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP5WDHDeluxe:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
dmi.product.name: P5W DH Deluxe
dmi.product.version: System Version
dmi.sys.vendor: ASUSTEK COMPUTER INC

See original description
Revision history for this message
dino99 (9d9) wrote :
Revision history for this message
Brad Figg (brad-figg) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Joseph Salisbury (jsalisbury) wrote :

Did this issue start happening after an update/upgrade? Was there a prior kernel version where you were not having this particular problem?

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v4.8 kernel[0].

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.8

Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Incomplete
Revision history for this message
dino99 (9d9) wrote :

The first bug description sentence said it all: ... started with 4.8.0.17

and now using the final 4.8 kernel release (4.8.0.20) i also get the same errors logged.

Looks like a very close message was met some times ago:
 https://bugs.launchpad.net/ubuntu/+source/linux-mako/+bug/1473584

tags: added: kernel-bug-exists-upstream
Changed in linux (Ubuntu):
status: Incomplete → Confirmed
dino99 (9d9)
description: updated
Revision history for this message
dino99 (9d9) wrote :

The root cause seems related to the apparmor tcpdump profile Bug #1632399

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Not quite. The root cause of these denials is the switch over to systemd-resolved for name resolution. This is being tracked in bug #1598759. The kernel is not at fault so I'm marking the linux task as invalid.

Changed in linux (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.