ufw

Bug #1808463
Comment #5

Comment 5 for bug 1808463

Revision history for this message

Luke Walker (alexdee) wrote on 2018-12-14: Re: [Bug 1808463] Re: ERROR: problem running ufw-init Could not find /lib/ufw/ufw-init-functions (aborting)

Running "apt purge ufw" beforehand makes the difference for me.

Regardless, looks like a snappy/AppArmor bug, not ufw. Thanks!

[74152.551988] audit: type=1400 audit(1544822995.473:428):
apparmor="DENIED" operation="ptrace"
namespace="root//lxd-c2_<var-snap-lxd-common-lxd>"
profile="snap.ufw.ufw" pid=18723 comm="python3" requested_mask="trace"
denied_mask="trace" peer="snap.ufw.ufw"
[74152.552268] audit: type=1400 audit(1544822995.477:429):
apparmor="DENIED" operation="ptrace"
namespace="root//lxd-c2_<var-snap-lxd-common-lxd>"
profile="snap.ufw.ufw" pid=18723 comm="python3" requested_mask="trace"
denied_mask="trace" peer="snap.ufw.ufw"
[74152.552917] audit: type=1400 audit(1544822995.477:430):
apparmor="DENIED" operation="ptrace"
namespace="root//lxd-c2_<var-snap-lxd-common-lxd>"
profile="snap.ufw.ufw" pid=18723 comm="python3" requested_mask="trace"
denied_mask="trace" peer="unconfined"
[74152.553151] audit: type=1400 audit(1544822995.477:431):
apparmor="DENIED" operation="ptrace"
namespace="root//lxd-c2_<var-snap-lxd-common-lxd>"
profile="snap.ufw.ufw" pid=18723 comm="python3" requested_mask="trace"
denied_mask="trace" peer="unconfined"

On Fri, Dec 14, 2018 at 1:00 PM Jamie Strandboge <email address hidden> wrote:

> It works fine for me using the lxd snap on an 18.04 host with an 18.04
> container:
>
> $ lxc launch ubuntu:18.04 c1
> Creating c1
> Starting c1
>
> $ lxc exec c1 /bin/bash
>
> root@c1:~# sudo snap install ufw
> ufw 0.36rc from Canonical✓ installed
>
> root@c1:~# sudo ufw enable
> Firewall is active and enabled on system startup
>
> ** Changed in: ufw
> Importance: High => Undecided
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1808463
>
> Title:
> ERROR: problem running ufw-init Could not find /lib/ufw/ufw-init-
> functions (aborting)
>
> Status in ufw:
> Incomplete
>
> Bug description:
> On fresh 18.04 lxc, I run the following series of commands
> 1. apt purge ufw
> 2. snap install ufw
> 3. /snap/bin/ufw enable
> ERROR: problem running ufw-init
> Could not find /lib/ufw/ufw-init-functions (aborting)
>
> >find / -name ufw-init-functions
> /var/snap/ufw/120/lib/ufw/ufw-init-functions
> /snap/ufw/120/lib/ufw/ufw-init-functions
>
> >ufw --version
> ufw 0.36rc
>
> >snap version
> snap 2.36.2
> snapd 2.36.2
> series 16
> ubuntu 18.04
> kernel 4.15.0-42-generic
>
> >snap info ufw
> name: ufw
> summary: ufw - Uncomplicated Firewall
> publisher: Canonical✓
> contact: https://bugs.launchpad.net/ufw/+filebug
> license: unset
> description: |
> ufw is a program for managing a netfilter firewall and aims to provide
> an easy to use experience
> for the user.
> commands:
> - ufw.conntrack
> - ufw.doc
> - ufw.init
> - ufw.ipset
> - ufw
> services:
> ufw.srv: oneshot, enabled, inactive
> snap-id: Jb8klqgs5djfejP5egB9Za8KYVK686Pe
> tracking: stable
> refresh-date: today at 02:18 UTC
> channels:
> stable: 0.36rc (120) 737kB -
> candidate: 0.36rc (120) 737kB -
> beta: 0.36rc (95) 733kB -
> edge: 0.36rc (200) 737kB -
> installed: 0.36rc (120) 737kB -
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ufw/+bug/1808463/+subscriptions
>

Running "apt purge ufw" beforehand makes the difference for me.

Regardless, looks like a snappy/AppArmor bug, not ufw. Thanks!

On Fri, Dec 14, 2018 at 1:00 PM Jamie Strandboge <jamie@ubuntu.com> wrote:

> It works fine for me using the lxd snap on an 18.04 host with an 18.04
> container:
>
> $ lxc launch ubuntu:18.04 c1
> Creating c1
> Starting c1
>
> $ lxc exec c1 /bin/bash
>
> root@c1:~# sudo snap install ufw
> ufw 0.36rc from Canonical✓ installed
>
> root@c1:~# sudo ufw enable
> Firewall is active and enabled on system startup
>
> ** Changed in: ufw
>    Importance: High => Undecided
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1808463
>
> Title:
>   ERROR: problem running ufw-init Could not find /lib/ufw/ufw-init-
>   functions (aborting)
>
> Status in ufw:
>   Incomplete
>
> Bug description:
>   On fresh 18.04 lxc, I run the following series of commands
>   1. apt purge ufw
>   2. snap install ufw
>   3. /snap/bin/ufw enable
>   ERROR: problem running ufw-init
>   Could not find /lib/ufw/ufw-init-functions (aborting)
>
>   >find / -name ufw-init-functions
>   /var/snap/ufw/120/lib/ufw/ufw-init-functions
>   /snap/ufw/120/lib/ufw/ufw-init-functions
>
>   >ufw --version
>   ufw 0.36rc
>
>   >snap version
>   snap    2.36.2
>   snapd   2.36.2
>   series  16
>   ubuntu  18.04
>   kernel  4.15.0-42-generic
>
>   >snap info ufw
>   name:      ufw
>   summary:   ufw - Uncomplicated Firewall
>   publisher: Canonical✓
>   contact:   https://bugs.launchpad.net/ufw/+filebug
>   license:   unset
>   description: |
>     ufw is a program for managing a netfilter firewall and aims to provide
> an easy to use experience
>     for the user.
>   commands:
>     - ufw.conntrack
>     - ufw.doc
>     - ufw.init
>     - ufw.ipset
>     - ufw
>   services:
>     ufw.srv: oneshot, enabled, inactive
>   snap-id:      Jb8klqgs5djfejP5egB9Za8KYVK686Pe
>   tracking:     stable
>   refresh-date: today at 02:18 UTC
>   channels:
>     stable:    0.36rc (120) 737kB -
>     candidate: 0.36rc (120) 737kB -
>     beta:      0.36rc (95)  733kB -
>     edge:      0.36rc (200) 737kB -
>   installed:   0.36rc (120) 737kB -
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ufw/+bug/1808463/+subscriptions
>