From unknown Fri Mar 29 09:56:46 2024 Received: (at submit) by bugs.devuan.org; 27 Apr 2019 15:10:02 +0000 Return-Path: Delivered-To: devuanbugs@dyne.org Received: from tupac3.dyne.org [195.169.149.119] by fulcanelli with IMAP (fetchmail-6.3.26) for (single-drop); Sat, 27 Apr 2019 17:10:02 +0200 (CEST) Received: from gil.mayfirst.org (gil.mayfirst.org [216.66.23.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by vm6.ganeti.dyne.org (Postfix) with ESMTPS id 31D3CF60972 for ; Sat, 27 Apr 2019 17:04:44 +0200 (CEST) Received: from gil.mayfirst.org (unknown [127.0.0.1]) by gil.mayfirst.org (Postfix) with ESMTP id 305DC5E96; Sat, 27 Apr 2019 11:04:42 -0400 (EDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: xxxxx) with ESMTPSA id 016A15E82 Received: by debian.local (Postfix, from userid 1000) id AE1488040; Sat, 27 Apr 2019 10:04:39 -0500 (CDT) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Luigi Bai To: Devuan Bug Tracking System Subject: apparmor: Add /etc/mdns.allow to abstractions/mdns Message-ID: <155637747898.16775.9163846764972860518.reportbug@lpblinvm.vm.kandl.houston.tx.us> X-Mailer: reportbug 7.5.1+devuan1 Date: Sat, 27 Apr 2019 10:04:39 -0500 X-Virus-Scanned: ClamAV using ClamSMTP X-Spam-Status: No, score=-2.3 required=5.0 tests=RCVD_IN_DNSWL_MED,SPF_PASS, UNPARSEABLE_RELAY autolearn=disabled version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tupac3.dyne.org Package: apparmor Version: 2.13.2-10 Severity: important Dear Maintainer, * What led up to the situation? Executables protected by apparmor cannot reach MDNS suffixes declared in /etc/mdns.allow, and probed by libnss-mdns. Please see /usr/share/doc/libnss-mdns/README.md.gz in package libnss-mdns. * What exactly did you do (or not do) that was effective (or ineffective)? Attempt to use, e.g., ntpd to connect to an MNDS domain that isn't .local. * What was the outcome of this action? Failure, and a DENIED entry in the kernel to /etc/mdns.allow * What outcome did you expect instead? access to the host on the non-.local MDNS domain. Proposed fix: add /etc/mnds.allow to abstractions/mnds. This fix works for me. -- System Information: Distributor ID: Devuan Description: Devuan GNU/Linux beowulf/ceres Release: 10 Codename: n/a Architecture: x86_64 Kernel: Linux 4.19.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) LSM: AppArmor: enabled Versions of packages apparmor depends on: ii debconf [debconf-2.0] 1.5.71 ii libc6 2.28-8 ii lsb-base 10.2019031300 ii python3 3.7.2-1 apparmor recommends no packages. Versions of packages apparmor suggests: pn apparmor-profiles-extra ii apparmor-utils 2.13.2-10 -- Configuration Files: /etc/apparmor.d/abstractions/mdns changed [not included] -- debconf information excluded From unknown Fri Mar 29 09:56:46 2024 Received: (at 321-done) by bugs.devuan.org; 3 Feb 2023 14:52:44 +0000 Return-Path: Delivered-To: bugs@devuan.org Received: from email.devuan.org [2001:41d0:2:d06e::5c4:2612] by doc.devuan.org with IMAP (fetchmail-6.4.16) for (single-drop); Fri, 03 Feb 2023 14:52:44 +0000 (UTC) Received: from email.devuan.org by email.devuan.org with LMTP id 6B/fE6sf3WMGGAAAmSBk0A (envelope-from ) for ; Fri, 03 Feb 2023 14:52:27 +0000 Received: by email.devuan.org (Postfix, from userid 109) id 40CC8A05; Fri, 3 Feb 2023 14:52:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on email.devuan.org X-Spam-Level: X-Spam-Status: No, score=0.4 required=5.0 tests=RDNS_DYNAMIC,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=193.36.131.86; helo=mx.hindley.org.uk; envelope-from=mark@hindley.org.uk; receiver= Received: from mx.hindley.org.uk (193-36-131-86.cfwn.uk [193.36.131.86]) by email.devuan.org (Postfix) with ESMTPS id E0F42597 for <321-done@bugs.devuan.org>; Fri, 3 Feb 2023 14:52:26 +0000 (UTC) Received: from apollo.hindleynet ([192.168.1.3] helo=hindley.org.uk) by mx.hindley.org.uk with smtp (Exim 4.84_2) (envelope-from ) id 1pNxQO-00044Z-V6; Fri, 03 Feb 2023 14:52:25 +0000 Received: (nullmailer pid 20853 invoked by uid 1000); Fri, 03 Feb 2023 14:52:24 -0000 Date: Fri, 3 Feb 2023 14:52:24 +0000 From: Mark Hindley To: Luigi Bai , 321-done@bugs.devuan.org Subject: Re: bug#321: apparmor: Add /etc/mdns.allow to abstractions/mdns Message-ID: References: <155637747898.16775.9163846764972860518.reportbug@lpblinvm.vm.kandl.houston.tx.us> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <155637747898.16775.9163846764972860518.reportbug@lpblinvm.vm.kandl.houston.tx.us> X-Debbugs-No-Ack: No Thanks Version: 3.0.0-1 Fixed in Debian. Closing. Mark