[pkg-ntp-maintainers] Bug#883022: Bug#883022: ntp does not start with current AppArmor profile
Bernhard Schmidt
berni at debian.org
Thu Dec 7 12:25:01 UTC 2017
On 29.11.2017 00:15, Nuno Oliveira wrote:
Hi Nuno,
> I have 2 systems where this happens, but I also confirm that this does
> not happen on all systems (Debian testing) where ntp is installed. Any
> suggestions on how to diagnose this?
I've tried all I could think of in terms of base system variations, but
I still cannot reproduce it. I do see the apparmor denials as well, but
ntpd starts up fine.
Can you try whether allowing the offending calls in a local override
fixes this issue?
aa-disable /etc/apparmor.d/usr.sbin.ntpd
echo '/usr/local/{,s}bin/ r,' >> /etc/apparmor.d/local/usr.sbin.ntpd
aa-enforce /etc/apparmor.d/usr.sbin.ntpd
Does removing the apparmor profile allow ntpd to start in your case
(running the aa-disable command as seen above)?
Do you have anything special in your ntp.conf?
Bernhard
More information about the pkg-ntp-maintainers
mailing list