[pkg-apparmor] Bug#901559: apparmor fails to start with empty features-file=

Vincas Dargis vindrg at gmail.com
Thu Jun 14 19:00:38 BST 2018 

Package: apparmor
Version: 2.13-1
Severity: normal

Dear Maintainer,

AppArmor 2.13 fails to start if I set `features-file=` in parser.conf:

```
# systemctl status apparmor
● apparmor.service - Load AppArmor profiles
   Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2018-06-14 20:53:42 EEST; 5min ago
     Docs: man:apparmor(7)
           https://gitlab.com/apparmor/apparmor/wikis/home/
  Process: 4811 ExecStop=/bin/true (code=exited, status=0/SUCCESS)
  Process: 4812 ExecStart=/etc/init.d/apparmor start (code=exited, status=123)
 Main PID: 4812 (code=exited, status=123)

Jun 14 20:53:42 debian-sid systemd[1]: Starting Load AppArmor profiles...
Jun 14 20:53:42 debian-sid apparmor[4812]: Starting AppArmor profiles: failed!
Jun 14 20:53:42 debian-sid systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a
Jun 14 20:53:42 debian-sid systemd[1]: apparmor.service: Failed with result 'exit-code'.
Jun 14 20:53:42 debian-sid systemd[1]: Failed to start Load AppArmor profiles.
```

Before, we used this to disable feature pinning, if I recall correctly.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apparmor depends on:
ii  debconf [debconf-2.0]  1.5.67
ii  libc6                  2.27-3
ii  lsb-base               9.20170808
ii  python3                3.6.5-3

apparmor recommends no packages.

Versions of packages apparmor suggests:
ii  apparmor-profiles-extra  1.20
ii  apparmor-utils           2.13-1

-- Configuration Files:
/etc/apparmor/parser.conf changed:
features-file=


-- debconf information excluded

More information about the pkg-apparmor-team mailing list