[Apparmor-general] permission denied at boot, but is fine
later on?
Steve Beattie
steve at nxnw.org
Thu Oct 23 09:28:50 MDT 2008
On Thu, Oct 23, 2008 at 03:19:00PM +0200, Per Jessen wrote:
> John Johansen wrote:
>
> >> what does the full expanded profile look like?
> >> apparmor_parser -p /etc/apparmod.d/sbin.syslog-ng
> >
>
> Have attached it to the bugreport.
>
> >> It looks like the permissions for /var/log should be rw, but why
> >> isn't this corrected by aa-genprof, and why isn't it a problem when I
> >> restart syslog-ng?
> >>
> > There are a few possibilities. While I haven't tested this with
> > syslog-ng, it is not unheard of that restart does something slightly
> > different than start. Also start and restart may do slightly
> > different things depending on what services are up or what files
> > exist.
> >
> > Some questions
> > - do you get the message when you boot your machine
>
> Yep.
>
> > - do you get the message if you run rcsyslog stop, rcsyslog start
> > instead of rcsyslog restart?
>
> I haven't tried it, but the init-script makes restart = stop + start, so
> there shouldn't be much difference.
Another thing to experiment with is whether /var/log/bwbemag exists when
syslog-ng is restarted, and see if that reproduces the rejection.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://forge.novell.com/pipermail/apparmor-general/attachments/20081023/2e7b07a6/attachment.pgp
More information about the Apparmor-general
mailing list