[Pkg-dns-devel] Bug#891705: Apparmor policy prevents chown/chmod of the Unix control socket
Simon Deziel
simon at sdeziel.info
Wed Feb 28 04:28:45 UTC 2018
Package: unbound
Version: 1.6.7-1
Dear maintainer,
An Ubuntu user reported an issue [1] with the unbound's Apparmor profile
that prevents unbound from chown'ing and chmod'ing the Unix control
socket if used (non-default). To reproduce:
# cat << EOF > /etc/unbound/unbound.conf.d/remote-control.conf
remote-control:
control-enable: yes
control-interface: /run/unbound.ctl
EOF
# service unbound restart
# ls -l /run/unbound.ctl
Without the fix, ls -l returns this:
srw-rw---- 1 root root 0 Feb 23 18:40 /run/unbound.ctl=
But should return:
srw-rw---- 1 unbound unbound 0 Feb 23 18:38 /run/unbound.ctl=
Regards,
Simon
1: https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1749931
More information about the pkg-dns-devel
mailing list