ubuntu Intrepid 8.10 is affected (at least if using cups via samba...)
/var/log/messages:
Jan 18 19:58:39 foo-srv cupsd: pam_sm_authenticate: Called
Jan 18 19:58:39 foo-srv cupsd: pam_sm_authenticate: username = [foo]
Jan 18 19:58:39 foo-srv cupsd: Error attempting to parse .ecryptfsrc file; rc = [-5]
Jan 18 19:58:39 foo-srv cupsd: Unable to read salt value from user's .ecryptfsrc file; using default
Jan 18 19:58:43 foo-srv kernel: [2945243.383955] type=1503 audit(1263841123.274:2033): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=1000 name="/home/foo/.ecryptfs/wrapped-passphrase" pid=20122 profile="/usr/sbin/cupsd"
Jan 18 19:58:43 foo-srv kernel: [2945243.648055] type=1503 audit(1263841123.534:2034): operation="inode_permission" requested_mask="rw::" denied_mask="rw::" fsuid=0 name="/var/lib/samba/group_mapping.ldb" pid=17608 profile="/usr/sbin/cupsd"
Jan 18 19:58:43 foo-srv kernel: [2945243.653133] type=1503 audit(1263841123.544:2035): operation="inode_permission" requested_mask="rw::" denied_mask="rw::" fsuid=0 name="/var/lib/samba/group_mapping.ldb" pid=17608 profile="/usr/sbin/cupsd"
/var/log/cups/error_log:
ltdb: tdb((null)): tdb_open_ex: could not open file /var/lib/samba/group_mapping.ldb: Permission denied
Unable to open tdb '/var/lib/samba/group_mapping.ldb'
Failed to connect to '/var/lib/samba/group_mapping.ldb'
ltdb: tdb((null)): tdb_open_ex: could not open file /var/lib/samba/group_mapping.ldb: Permission denied
Unable to open tdb '/var/lib/samba/group_mapping.ldb'
Failed to connect to '/var/lib/samba/group_mapping.ldb'
No corruption in /var/lib/samba/secrets.tdb yet.
But cups is VERY slow, because of this access violation...
i've attached an ubuntu 8.10 diff for apparmor_2.3+1289-0ubuntu4 .
ubuntu Intrepid 8.10 is affected (at least if using cups via samba...)
/var/log/messages: authenticate: Called authenticate: username = [foo] 3.274:2033) : operation= "inode_ permission" requested_ mask="r: :" denied_mask="r::" fsuid=1000 name="/ home/foo/ .ecryptfs/ wrapped- passphrase" pid=20122 profile= "/usr/sbin/ cupsd" 3.534:2034) : operation= "inode_ permission" requested_ mask="rw: :" denied_mask="rw::" fsuid=0 name="/ var/lib/ samba/group_ mapping. ldb" pid=17608 profile= "/usr/sbin/ cupsd" 3.544:2035) : operation= "inode_ permission" requested_ mask="rw: :" denied_mask="rw::" fsuid=0 name="/ var/lib/ samba/group_ mapping. ldb" pid=17608 profile= "/usr/sbin/ cupsd"
Jan 18 19:58:39 foo-srv cupsd: pam_sm_
Jan 18 19:58:39 foo-srv cupsd: pam_sm_
Jan 18 19:58:39 foo-srv cupsd: Error attempting to parse .ecryptfsrc file; rc = [-5]
Jan 18 19:58:39 foo-srv cupsd: Unable to read salt value from user's .ecryptfsrc file; using default
Jan 18 19:58:43 foo-srv kernel: [2945243.383955] type=1503 audit(126384112
Jan 18 19:58:43 foo-srv kernel: [2945243.648055] type=1503 audit(126384112
Jan 18 19:58:43 foo-srv kernel: [2945243.653133] type=1503 audit(126384112
/var/log/ cups/error_ log: samba/group_ mapping. ldb: Permission denied samba/group_ mapping. ldb' samba/group_ mapping. ldb' samba/group_ mapping. ldb: Permission denied samba/group_ mapping. ldb' samba/group_ mapping. ldb'
ltdb: tdb((null)): tdb_open_ex: could not open file /var/lib/
Unable to open tdb '/var/lib/
Failed to connect to '/var/lib/
ltdb: tdb((null)): tdb_open_ex: could not open file /var/lib/
Unable to open tdb '/var/lib/
Failed to connect to '/var/lib/
No corruption in /var/lib/ samba/secrets. tdb yet.
But cups is VERY slow, because of this access violation...
i've attached an ubuntu 8.10 diff for apparmor_ 2.3+1289- 0ubuntu4 .