Apparmor parser error

I have tried to change the MySQL Data Directory to a New Location. Therefore I have changed the MySQL configuration file /etc/mysql/mysql.conf.d/mysqld.cnf and the apparmor file /etc/apparmor....

I have tried to change the MySQL Data Directory to a New Location.

Therefore I have changed the MySQL configuration file

/etc/mysql/mysql.conf.d/mysqld.cnf

and the apparmor file

/etc/apparmor.d/usr.sbin.mysqld

Unfortunately it did not work and I got the following error:

mysqld: Can't change dir to '/new/dir/mysql/' (Errcode: 13 - Permission denied)

I reinstalled both mysql and apparmor. Since then not even apparmor does work anymore. I get the following messages:

Error-messages:

root@Server:~# systemctl status apparmor.service
● apparmor.service - LSB: AppArmor initialization
   Loaded: loaded (/etc/init.d/apparmor; bad; vendor preset: enabled)
   Active: failed (Result: exit-code) since Fri 2018-08-24 09:24:24 CEST; 1min 41s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 19955 ExecStart=/etc/init.d/apparmor start (code=exited, status=123)

Aug 24 09:24:24 Server apparmor[19955]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.dict in /etc/apparmor.d/abstractions/nameservice at line 16: missing an end of line character? (entry: /usr/share/mysql/charsets/*.xml)
Aug 24 09:24:24 Server apparmor[19955]: AppArmor parser error for /etc/apparmor.d/usr.lib.snapd.snap-confine.real in /etc/apparmor.d/usr.lib.snapd.snap-confine.real at line 11: Could not open '/var/lib/snapd/apparmor/snap-confine'
Aug 24 09:24:24 Server apparmor[19955]: AppArmor parser error for /etc/apparmor.d/usr.sbin.dovecot in /etc/apparmor.d/abstractions/nameservice at line 16: missing an end of line character? (entry: /usr/share/mysql/charsets/*.xml)
Aug 24 09:24:24 Server apparmor[19955]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Aug 24 09:24:24 Server apparmor[19955]: AppArmor parser error for /etc/apparmor.d/usr.sbin.mysqld in /etc/apparmor.d/abstractions/winbind at line 13: missing an end of line character? (entry: /usr/share/mysql/charsets/*.xml)
Aug 24 09:24:24 Server apparmor[19955]:    ...fail!
Aug 24 09:24:24 Server systemd[1]: apparmor.service: Control process exited, code=exited status=123
Aug 24 09:24:24 Server systemd[1]: Failed to start LSB: AppArmor initialization.
Aug 24 09:24:24 Server systemd[1]: apparmor.service: Unit entered failed state.
Aug 24 09:24:24 Server systemd[1]: apparmor.service: Failed with result 'exit-code'.

I have tried to fix those errors for hours. But now I don’t have any clue anymore. Any suggestions what could be the problem?

EDIT: Content of the usr.sbin.mysqld-file

cat /etc/apparmor.d/usr.sbin.mysqld

# vim:syntax=apparmor
# Last Modified: Tue Feb 09 15:28:30 2016
#include <tunables/global>

/usr/sbin/mysqld flags=(complain) {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/user-tmp>
  #include <abstractions/mysql>
  #include <abstractions/winbind>

# Allow system resource access
  /sys/devices/system/cpu/ r,
  capability sys_resource,
  capability dac_override,
  capability setuid,
  capability setgid,

# Allow network access
  network tcp,

  /etc/hosts.allow r,
  /etc/hosts.deny r,

# Allow config access
  /etc/mysql/** r,

# Allow pid, socket, socket lock file access
  /var/run/mysqld/mysqld.pid rw,
  /var/run/mysqld/mysqld.sock rw,
  /var/run/mysqld/mysqld.sock.lock rw,
  /run/mysqld/mysqld.pid rw,
  /run/mysqld/mysqld.sock rw,
  /run/mysqld/mysqld.sock.lock rw,

# Allow execution of server binary
  /usr/sbin/mysqld mr,
  /usr/sbin/mysqld-debug mr,

# Allow plugin access
  /usr/lib/mysql/plugin/ r,
  /usr/lib/mysql/plugin/*.so* mr,

# Allow error msg and charset access
  /usr/share/mysql/ r,
  /usr/share/mysql/** r,

# Allow data dir access
  /var/lib/mysql/ r,
  /var/lib/mysql/** rwk,

# Allow data files dir access
  /var/lib/mysql-files/ r,
  /var/lib/mysql-files/** rwk,

# Allow keyring dir access
  /var/lib/mysql-keyring/ r,
  /var/lib/mysql-keyring/** rwk,

# Allow log file access
  /var/log/mysql.err rw,
  /var/log/mysql.log rw,
  /var/log/mysql/ r,
  /var/log/mysql/** rw,

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.mysqld>
}

Источник

Не запускается служба AppArmor после установки MySQL — решение проблемы

Для целей диагностики, у меня включены сообщения во время загрузки в /etc/default/grub (строка GRUB_CMDLINE_LINUX=»»
).
При запуске компьютера под управлением Linux Mint 19.2 видны ошибки вида FAILED Failed to start AppArmor. Проблема началась после переустановки службы MySQL для управления реляционными базами данных. Решение проблемы «Failed to start AppArmor» приведено ниже…

Одно из решений — добавить файл абстракций AppArmor для mysql:
/etc/apparmor.d/abstractions/mysql
в который нужно добавить строки как указано в статье.

  • Данный способ у меня не сработал.

Диагностика команды journalctl -xe
указала на причину такого поведения AppArmor:

сен 03 10:46:37 mypc apparmor[4313]: AppArmor parser error for /etc/apparmor.d/usr.sbin.mysqld in /etc/apparmor.d/usr.sbin.mysqld

Причина в некорректном профиле сервиса mysqld, для службы AppArmor, который содержится в файле /etc/apparmor.d/usr.sbin.mysqld.

Моё решение :

Нужно запретить использование сервиса AppArmor для службы mysqld при помощи следующих двух команд.

cd /etc/apparmor.d/disable
sudo ln -s /etc/apparmor.d/usr.sbin.mysqld usr.sbin.mysqld

Запустил сервис AppArmor.

sudo systemctl start apparmor.service

Ошибок больше нет. 

sudo systemctl status apparmor.service

сен 03 11:12:21 mypc systemd[1]: Starting AppArmor initialization…
сен 03 11:12:30 imypc systemd[1]: Started AppArmor initialization.

Сервис mysql тоже не выдает ошибки:

sudo systemctl status mysql

сен 03 11:14:47 mypc systemd[1]: Starting MySQL Community Server…
сен 03 11:14:52 mypc systemd[1]: Started MySQL Community Server.

Решение придумал по аналогии, изучив содержимое папки /etc/apparmor.d/disable:
usr.bin.firefox -> /etc/apparmor.d/usr.bin.firefox
usr.sbin.rsyslogd -> /etc/apparmor.d/usr.sbin.rsyslogd

Похожие публикации

Источник
  • Печать

Страницы: [1]   Вниз

Тема: Ошибка юнита apparmor.service  (Прочитано 1432 раз)

0 Пользователей и 1 Гость просматривают эту тему.

Оффлайн
buntинец

В журнале загрузки

sudo  cat /var/log/boot.log заметил:
[FAILED] Failed to start Load AppArmor profiles.
See ‘systemctl status apparmor.service’ for details
Проверил

systemctl --no-pager --full status apparmor.serviceСообщает о наличии ошибки

Snap-пакетами не пользуюсь и, насколько знаю, сознательно не устанавливал.

На всякий случай другие команды проверки

Здесь на форуме уже был аналогичный вопрос, но решения я не увидел и люди там не пришли к пониманию.
Помогите, пожалуйста, решить проблему.

« Последнее редактирование: 10 Февраля 2022, 05:31:23 от buntинец »

Оффлайн
Morisson

Process: 730 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, status=1/FAILURE)
Main PID: 730 (code=exited, status=1/FAILURE)
CPU: 585ms

sudo journalctl -b _PID=730Только PID процесса теперь другой будет.

Оффлайн
Morisson

Snap-пакетами не пользуюсь и, насколько знаю, сознательно не устанавливал.

sudo apt purge snapd

Оффлайн
AnrDaemon

А давайте не будем пороть горячку?

ls -ld /etc/apparmor.d/usr.lib.snapd.snap-confine.real; cat /etc/apparmor.d/usr.lib.snapd.snap-confine.real
Результаты сюда.

Хотите получить помощь? Потрудитесь представить запрошенную информацию в полном объёме.

Прежде чем [Отправить], нажми [Просмотр] и прочти собственное сообщение. Сам-то понял, что написал?…

Оффлайн
buntинец

Process: 730 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, status=1/FAILURE)
Main PID: 730 (code=exited, status=1/FAILURE)
CPU: 585ms

sudo journalctl -b _PID=730Только PID процесса теперь другой будет.

sudo journalctl -b _PID=730

-- Journal begins at Thu 2021-01-07 10:20:23 +05, ends at Thu 2022-02-10 12:46:01 +05. --
фев 10 02:33:06 Lenbook apparmor.systemd[730]: Restarting AppArmor
фев 10 02:33:06 Lenbook apparmor.systemd[730]: Reloading AppArmor profiles
фев 10 02:33:07 Lenbook apparmor.systemd[730]: Error: At least one profile failed to load

Пользователь добавил сообщение 10 Февраля 2022, 16:58:17:

А давайте не будем пороть горячку?ls -ld /etc/apparmor.d/usr.lib.snapd.snap-confine.real; cat /etc/apparmor.d/usr.lib.snapd.snap-confine.real
Результаты сюда.

ls: невозможно получить доступ к ‘/etc/apparmor.d/usr.lib.snapd.snap-confine.real’: Нет такого файла или каталога

cat: /etc/apparmor.d/usr.lib.snapd.snap-confine.real: Нет такого файла или каталога

« Последнее редактирование: 10 Февраля 2022, 16:58:17 от buntинец »

Оффлайн
AnrDaemon

grep -ir "usr.lib.snapd.snap-confine.real" /etc/apparmor.d; ls -l /etc/apparmor.d

Хотите получить помощь? Потрудитесь представить запрошенную информацию в полном объёме.

Прежде чем [Отправить], нажми [Просмотр] и прочти собственное сообщение. Сам-то понял, что написал?…

Оффлайн
buntинец

grep -ir «usr.lib.snapd.snap-confine.real» /etc/apparmor.d; ls -l /etc/apparmor.d

Оффлайн
buntинец

Похоже, проблема решена. Как именно не знаю. Возможно, помог совет окончательно стереть Snapd и последующая перезагрузка, после которой проблемы с Apparmor нет.

Неделю ещё понаблюдаю за системой и если всё хорошо, помечу проблему как решённую.

  • Печать

Страницы: [1]   Вверх

Источник


    • #1

    Hi,

    I just finished upgrading from v5 to v6.0.29. The upgrade itself went very smooth, thanks for that!

    Afterwards I upgraded my kernel to 5.15.35-2-pve (Proxmox because I use ZFS).

    When I then tried to start my docker containers it failed claiming AppArmor is enabled, but the docker-default profile is missing:

    ERROR: for XXX  Cannot start service jackett: AppArmor enabled on system but the docker-default profile could not be loaded: running `apparmor_parser apparmor_parser --version` failed with output: 
error: exec: "apparmor_parser": executable file not found in $PATH

    Linux 5.15.35-2-p

    But the apparmor-package is not installed, as seems to be the default for OMV:

    dpkg --list | grep apparmor
rc  apparmor                            2.13.6-10                      amd64        user-space parser utility for AppArmor
rc  apparmor-utils                      2.13.6-10                      amd64        utilities for controlling AppArmor
ii  libapparmor1:amd64                  2.13.6-10                      amd64        changehat AppArmor library

    B

    I completely removed docker and reinstalled it using omv-installdocker, but this has not helped. Any idea what might have gone wrong here?

    • Offizieller Beitrag
    • #2

    You removed it but it could possibly still be active. Reboot.

    • #3

    A reboot did not help. It somehow still detects AppArmor as installed.

    Could it be that the proxmox kernel has it enabled, and that’s what docker checks?

    • Offizieller Beitrag
    • #4

    Could it be that the proxmox kernel has it enabled, and that’s what docker checks?

    No. I run the proxmox kernel on all of my systems. What is the output of: dpkg -l | grep apparmor

    • #5

    I purged the apparmor packages, that’s the output now:

    dpkg -l | grep apparmor                                                                      
ii  libapparmor1:amd64                  2.13.6-10                      amd64        changehat AppArmor library

    Still the same error when trying to start a docker container.

    • Offizieller Beitrag
    • #6

    What packages did you have to purge? I assume you rebooted after? Does the /etc/apparmor.d/docker file exist?

    • #7

    I ran

    apt-get purge apparmor apparmor-utils auditd

    just to make sure they are completely gone and rebooted afterwards.

    no /etc/apparmor.d:

    ❯ sudo ls -al /etc/apparmor.d/
ls: cannot access '/etc/apparmor.d/': No such file or directory

    • #8

    what does docker info tell you regarding apparmor?

    • #9

    docker info still thinks apparmor is on:

    ❯ docker info
Client:
 Context:    default
 Debug Mode: false
...
 Security Options:
  apparmor
  seccomp
   Profile: default
  cgroupns
...

    Alles anzeigen

    EDIT:

    I found out, that explicitly disabling AppArmor per service is a workaround:

    security_opt:         
  - apparmor:unconfined

    • #10

    This is a workaround but not the solution.

    The interesting thing is, on my system (without apparmor) I get this:

    root@omv:~# cat /sys/module/apparmor/parameters/enabled
Y
root@omv:~# dpkg -l | grep appa
ii  libapparmor1:amd64                   2.13.6-10                      amd64        changehat AppArmor library
root@omv:~#

    • #11

    Sure, it’s only a workaround, that’s why I called it so.

    I get the exact same results as you:

    ❯ cat /sys/module/apparmor/parameters/enabled
Y
❯ dpkg -l | grep appa
ii  libapparmor1:amd64                  2.13.6-10                      amd64        changehat AppArmor library

    • #12

    I am still confused:

    root@omv:~# docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Docker Buildx (Docker Inc., v0.8.2-docker)

...

 Server Version: 20.10.17

...

 Security Options:
  apparmor
  seccomp
   Profile: default
  cgroupns

...


root@omv:~# apparmor_parser
-bash: apparmor_parser: Kommando nicht gefunden.

    Alles anzeigen

    • #13

    My docker version is Server Version: 20.10.5+dfsg1 

    • #14 
    root@omv:~# docker version
Client: Docker Engine - Community
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:03:17 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:01:23 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version:          1.1.2
  GitCommit:        v1.1.2-0-ga916309
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
root@omv:~# dpkg -l |grep dock
ii  docker-ce                            5:20.10.17~3-0~debian-bullseye amd64        Docker: the open-source application container engine
ii  docker-ce-cli                        5:20.10.17~3-0~debian-bullseye amd64        Docker CLI: the open-source application container engine
root@omv:~# cat /etc/apt/sources.list.d/omvextras.list
deb https://openmediavault-plugin-developers.github.io/packages/debian shaitan main
deb [arch=amd64] https://download.docker.com/linux/debian bullseye stable
root@omv:~# apt-cache policy docker-ce
docker-ce:
  Installiert:           5:20.10.17~3-0~debian-bullseye
  Installationskandidat: 5:20.10.17~3-0~debian-bullseye
  Versionstabelle:
 *** 5:20.10.17~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
        100 /var/lib/dpkg/status
     5:20.10.16~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.15~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.14~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.13~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.12~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.11~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.10~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.9~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.8~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.7~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
     5:20.10.6~3-0~debian-bullseye 500
        500 https://download.docker.com/linux/debian bullseye/stable amd64 Packages
root@omv:~#

    Alles anzeigen

    This is what I have.

    • #15

    I had problems with all my containers failing to start or taking forever to start as soon as I installed the Proxmox kernel. Booting to the regular kernel had no such problems with the containers.

    Problem was traced to something inappropriate in the Apparmor configuration related to docker. I tried fixing it according to sample config files I found on the net but none worked. So as was suggested by a more experienced user here I uninstalled the apparmor package. Solved.

    Edit:

    For grins I reinstalled apparmor. All containers start promptly. But my console is heavily flooded by apparmor messages. Anyone know how to quiet that down?

    • Offizieller Beitrag
    • #16

    My docker version is Server Version: 20.10.5+dfsg1

    That is an older version than even OMV 5.x gets. You probably need to fix your docker repo (click install docker again) and update.

    • #17

    I don’t understand where this docker version comes from. My sources all look good to me:

    sources.list                            
16:deb [arch=amd64] https://download.docker.com/linux/debian bullseye stable 
17:# deb-src [arch=amd64] https://download.docker.com/linux/debian bullseye stable

    Re-installing (with omv-installdocker) gets me the same version again:

    Setting up docker.io (20.10.5+dfsg1-1+deb11u1) ...

    • Offizieller Beitrag
    • #18

    What is the output of

    apt-cache policy docker-ce

    • #19

    Sorry, I can’t tell.

    I just installed docker manually following the instructions from docker.com.

    sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

    and now I got version 20.10.17 and the apparmor-issue is gone.

    Thanks for all the help!

    • Neu
    • #20

    I appear to be having this exact same issue suddenly after an update of docker this morning.

    Apparmor isn’t installed, docker is detecting it. The only apparmor package is the libapparmor package.

    I would like to avoid installing apparmor.

    I initially installed docker via omv-extras>docker.

    I’m running kernel 5.15 on OMV 6

Источник

Hello, during manually attempts to change Pidgin profile* from :complain: to >enforce< mode with ‘aa-enforce /etc/usr.bin.pidgin’ command, this error appears:

/* Setting /etc/apparmor.d/usr.bin.pidgin to complain mode.
Warning from stdin (line 1): /sbin/apparmor_parser: cannot use or update cache, disable, or force-complain via stdin
AppArmor parser error, in stdin line 1: syntax error, unexpected TOK_PROFILE,
expecting TOK_OPEN */

As we can see, change Pidgin profile seems to work (`Setting (…) to complain mode` message), but there is not Pidgin when I check AppArmor status with ‘apparmor_status’ command. So, not everything works as I expected. A few days ago I managed to successfully toggles the mode for a couple applications, such as ‘/bin/ping’ or ‘/usr/sbin/avahi-daemon’.

Logs from ‘ubuntu-bug’ utility for `KernLog` and `ApparmorStatusOutput` looks okay. I do not see any problems. Just informations about e.g. (`KernLog`):

,——-
| type = 1400 audit(numbers): apparmor=»STATUS» operation=»profile_load» name=»*»
| pid»*» (…)
|
| type = 1400 audit(numbers): apparmor=»STATUS» operation=»profile_replace» name=»*»
| pid»*» (…) and many more, about all profiles.
`——-

And the log of `ApparmorStatusOutput` also seems to be okay — contains information about apparmor module, number of loaded profile etc. Nothing special, nothing more, nothing less. Some more distribution-specific information:

+===================================+
## Package:
       apparmor 2.7.102-0ubuntu3.1**
## Problem type:
       bug
## ApportVersion:
       2.0.1-ubuntu13
## EcryptfsInUse:
       yes
## NonFreeKernelModules:
       nvidia
## Architecture:
       i386
## Distro release:
       12.04
## Uname:
       3.2.0-32-generic

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 12.04.1 LTS
Release: 12.04
Codename: precise
+===================================+

Best regards!

_____________
* taken from bazaar.launchpad.net website.
** ‘apparmor-utils’ and ‘apparmor-profiles’ have the same version.

Источник
  • Home
  • Forum
  • The Ubuntu Forum Community
  • Ubuntu Specialised Support
  • Security
  • Fix or refresh apparmor profiles?

  1. Question Fix or refresh apparmor profiles?

    I only became aware of apparmor as I was following this guide to move the location of my mysql dir:

    How To Move a MySQL Data Directory to a New Location on Ubuntu 18.04

    After creating the alias in /etc/apparmor.d/tunables/alias, and trying:

    Code:

    sudo systemctl restart apparmor

    I receive the error:

    Code:

    Job for apparmor.service failed because the control process exited with error code.See "systemctl status apparmor.service" and "journalctl -xe" for details.

    Code:

    runswithascript@apparatus:~$ systemctl status apparmor.service
● apparmor.service - AppArmor initialization
   Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2019-11-07 09:06:04 GMT; 5min ago
     Docs: man:apparmor(7)
           http://wiki.apparmor.net/
  Process: 4539 ExecStart=/etc/init.d/apparmor start (code=exited, status=123)
 Main PID: 4539 (code=exited, status=123)


Nov 07 09:06:04 apparatus apparmor[4539]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.auth in /etc/apparmor.d/usr.lib.dovecot.auth at line 18: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.dict in /etc/apparmor.d/usr.lib.dovecot.dict at line 16: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.sbin.dovecot in /etc/apparmor.d/usr.sbin.dovecot at line 19: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.sbin.mysqld in /etc/apparmor.d/usr.sbin.mysqld at line 9: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Nov 07 09:06:04 apparatus apparmor[4539]:    ...fail!
Nov 07 09:06:04 apparatus systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a
Nov 07 09:06:04 apparatus systemd[1]: apparmor.service: Failed with result 'exit-code'.
Nov 07 09:06:04 apparatus systemd[1]: Failed to start AppArmor initialization.

    Pastebin of journalctl -xe

    Code:

    runswithascript@apparatus:~$ sudo journalctl -u apparmor
Nov 07 09:06:04 apparatus systemd[1]: Starting AppArmor initialization...
Nov 07 09:06:04 apparatus apparmor[4539]:  * Starting AppArmor profiles
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/sbin.syslog-ng in /etc/apparmor.d/sbin.syslog-ng at line 22: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.auth in /etc/apparmor.d/usr.lib.dovecot.auth at line 18: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.dict in /etc/apparmor.d/usr.lib.dovecot.dict at line 16: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.sbin.dovecot in /etc/apparmor.d/usr.sbin.dovecot at line 19: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.sbin.mysqld in /etc/apparmor.d/usr.sbin.mysqld at line 9: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/sbin.syslog-ng in /etc/apparmor.d/sbin.syslog-ng at line 22: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.auth in /etc/apparmor.d/usr.lib.dovecot.auth at line 18: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.lib.dovecot.dict in /etc/apparmor.d/usr.lib.dovecot.dict at line 16: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.sbin.dovecot in /etc/apparmor.d/usr.sbin.dovecot at line 19: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: AppArmor parser error for /etc/apparmor.d/usr.sbin.mysqld in /etc/apparmor.d/usr.sbin.mysqld at line 9: Could not open 'abstractions/mysql'
Nov 07 09:06:04 apparatus apparmor[4539]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Nov 07 09:06:04 apparatus apparmor[4539]:    ...fail!
Nov 07 09:06:04 apparatus systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a
Nov 07 09:06:04 apparatus systemd[1]: apparmor.service: Failed with result 'exit-code'.
Nov 07 09:06:04 apparatus systemd[1]: Failed to start AppArmor initialization.

    From what I have read, the issue appears to be with a firefox and rsyslogd? I assume that the references to mysql were because I was unable to restart apparmor and complete the guide I was following, but that once the underlaying issues are resolved everything will be okay with mysql. I followed the same guide also on my desktop, which also runs 18.04, and apparmor restarted fine. I do not remember ever using apparmor before or configuring profiles, I actually stopped using Firefox several years ago, and I am not sure I ever even opened it on this install.

    Is there a way to delete the offending profiles, or regenerate them please?

  2. Cool Re: Fix or refresh apparmor profiles?

Bookmarks

Bookmarks


Posting Permissions

Источник

Понравилась статья? Поделить с друзьями:
  • App store ошибка платеж не выполнен
  • App store ошибка оплаты
  • App store выдает ошибку
  • App store connect operation error
  • App store app update error