| === qrzxbjscubnrdcnc is now known as kcgtmwwtzsexgofx | ||
| === kcgtmwwtzsexgofx is now known as georgiag | ||
| clarkb | sarnold: I discovered your response to https://lists.ubuntu.com/archives/apparmor/2019-August/012014.html and wonder if you might be able to point me in the right direction. I've got a Noble node which has an enforcing apparmor rsyslogd profile. This profile allows me to create a /var/lib/haproxy/dev/log socket for syslog logging via $AddUnixListenSocket /var/lib/haproxy/dev/log. I'm then | 23:57 |
|---|---|---|
| clarkb | trying to mount that into a container for haproxy to log to using log /dev/log local0. This is unhappy with apparmor="DENIED" operation="sendmsg" class="file" info="Failed name lookup - disconnected path" error=-13 profile="rsyslogd" name="var/lib/haproxy/dev/log" pid=60555 comm="haproxy" requested_mask="r" denied_mask="r" | 23:57 |
| clarkb | also if this is offtopic and there is a better location to discuss let me know | 23:57 |
| clarkb | happy to migrate | 23:57 |
| sarnold | clarkb: hmm, that does seem like there's something fishy going on there, haproxy running in the rsyslogd profile .. is that intentional? | 23:59 |
| clarkb | sarnold: no that is something that had me confused. Why is haproxy sendmsg being affected by the rsyslogd profile. All profiles should be default for noble | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!