Devuan bug report logs -
#316
Package 'haveged' wont start on Devuan Beowulf due to broken PID file specification
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#316; Package haveged.
(full text, mbox, link).
Acknowledgement sent to Mike Tubby <mike@tubby.org>:
New bug report received and forwarded. Copy sent to owner@bugs.devuan.org.
(full text, mbox, link).
Message #5 received at submit@bugs.devuan.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: haveged
Version: 1.9.1-6
Dell R210-II servers upgraded to Beowulf on 12th April 2019, now package
'haveged' (entropy daemon) fails to start:
a) at boot
b) via 'service haveged start'
c) from the command line, if the PID file is specified
All attempts at running haveged result in an apparmor/audit as follows:
Apr 12 21:54:41 ns0 kernel: [ 4684.518633] audit: type=1400
audit(1555102481.459:19): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/haveged" *name="/run/haveged.pid"* pid=9474
comm="haveged" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
With apparmor suggesting that haveged is being refused permission for
haveged to make a node, for the pid file
Stopping apparmor with 'aa-teardown' allows haveged to start as expected:
root@ns0:/etc/apparmor.d/local# aa-teardown
Unloading AppArmor profiles
root@ns0:/etc/apparmor.d/local# service haveged restart
[ ok ] Restarting entropy daemon: haveged.
root@ns0:/etc/apparmor.d/local# ps ax | grep haveged
9741 ? Ss 0:00 /usr/sbin/haveged -w 1024
9761 pts/0 S+ 0:00 grep haveged
root@ns0:/etc/apparmor.d/local#
Haveged is documented as using the path /var/run/haveged.pid by default
and not /run/haveged.pid. Checking the binary with 'strings' confirms this:
root@ns0:/etc/apparmor.d/local# strings /usr/sbin/haveged | grep pid
getpid
pidfile
/var/run/haveged.pid
daemon pidfile, default: /var/run/haveged.pid
root@ns0:/etc/apparmor.d/local#
Adding an entry to /etc/apparmor.d/local/usr.sbin.haveged as follows:
root@ns0:/etc/apparmor.d/local# cat usr.sbin.haveged
# Site-specific additions and overrides for usr.sbin.haveged.
# For more details, please see /etc/apparmor.d/local/README.
/var/run/haveged.pid rw,
/run/haveged.pid rw,
Allows haveged to work as expected.
Clearly something with haveged and/or apparmor is broken here...
Mike
[Message part 2 (text/html, inline)]
Information forwarded
to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#316; Package haveged.
(Tue, 14 Jan 2020 19:18:01 GMT) (full text, mbox, link).
Message #8 received at 316@bugs.devuan.org (full text, mbox, reply):
Control: tag -1 beowulf debian
Mike
Thanks.
This seems to be Debian #911604 which is fixed in version 1.9.1-8,
but not buster.
At least there is a configuration workaround.
Mark
Added tag(s) beowulf and debian.
Request was from Mark Hindley <mark@hindley.org.uk>
to 316-submit@bugs.devuan.org.
(Tue, 14 Jan 2020 19:18:07 GMT) (full text, mbox, link).
Reply sent
to Mark Hindley <mark@hindley.org.uk>:
You have taken responsibility.
(Tue, 10 Jan 2023 15:20:01 GMT) (full text, mbox, link).
Notification sent
to Mike Tubby <mike@tubby.org>:
bug acknowledged by developer.
(Tue, 10 Jan 2023 15:20:05 GMT) (full text, mbox, link).
Message #17 received at 316-done@bugs.devuan.org (full text, mbox, reply):
Version: 1.9.1-8
Send a report that this bug log contains spam.