Fixing apparmor=”DENIED” name=”/run/systemd/journal/dev-log”

At some point you might encounter a very annoying error, especially in Debian based distros, including Proxmox. Here’s a sample log:

apparmor="DENIED" operation="sendmsg" profile="/usr/sbin/named" name="/run/systemd/journal/dev-log" pid=1073 comm="named" requested_mask="w" denied_mask="w"

This happens because apparmor is a little bit too overzealous. The fix is very simple.

Add the following line in “/etc/apparmor.d/local/usr.sbin.named”:

/run/systemd/journal/dev-log rw,

And execute this:

sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.named

You’re done. 🙂

Was this tutorial useful? Buy me a drink by using the “donate” button below. 🙂

3 Comments

  1. not work!!!

    grep ntpd /var/log/syslog
    Nov 27 16:03:03 wwwcplus kernel: [108783.995572] audit: type=1400 audit(1511787783.395:931): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=15983 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=114 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108783.995672] audit: type=1400 audit(1511787783.395:932): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=15983 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=114 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108783.995706] audit: type=1400 audit(1511787783.395:933): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=15983 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=114 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108783.995721] audit: type=1400 audit(1511787783.395:934): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=15983 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=114 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108783.995735] audit: type=1400 audit(1511787783.395:935): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=15983 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=114 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108783.995748] audit: type=1400 audit(1511787783.395:936): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=15983 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=114 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108784.010691] audit: type=1400 audit(1511787783.410:937): apparmor=”DENIED” operation=”open” profile=”/usr/sbin/ntpd” name=”/usr/local/sbin/” pid=16399 comm=”ntpd” requested_mask=”r” denied_mask=”r” fsuid=0 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108784.010767] audit: type=1400 audit(1511787783.410:938): apparmor=”DENIED” operation=”open” profile=”/usr/sbin/ntpd” name=”/usr/local/bin/” pid=16399 comm=”ntpd” requested_mask=”r” denied_mask=”r” fsuid=0 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108784.011473] audit: type=1400 audit(1511787783.411:939): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=16399 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=0 ouid=0
    Nov 27 16:03:03 wwwcplus kernel: [108784.011574] audit: type=1400 audit(1511787783.411:940): apparmor=”DENIED” operation=”sendmsg” info=”Failed name lookup – disconnected path” error=-13 profile=”/usr/sbin/ntpd” name=”run/systemd/journal/dev-log” pid=16399 comm=”ntpd” requested_mask=”w” denied_mask=”w” fsuid=0 ouid=0

    1. Of course it didn’t solve your problem, because your problem is with NTPd and not NAMEd.

  2. Hello sir,
    Sorry with your solution I can not solve my problem.
    I have debian 8 on my VM and I still have the following error:

    “apparmor =” DENIED “operation =” sendmsg “profile =” / usr / sbin / named “name =” / run / systemd / log / dev-log “pid = 1435 comm =” named “requested_mask =” w “denied_mask = “w” fsuid = 109 ouid = 0 “

    Here is the error when I tried to apply your solution.

    root@hoster:~# apparmor_parser -r /etc/apparmor.d/usr.sbin.named
    -bash: apparmor_parser: command not found
    root@hoster:~#


    Thank you for helping me.

     

Leave a Comment

Your email address will not be published. Required fields are marked *