Re: [Samba] Debian Buster, bind_dlz, and apparmor
- Date: Tue, 28 Nov 2017 08:37:22 -0600
- From: Dale Schroeder via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Debian Buster, bind_dlz, and apparmor
On 11/28/2017 2:38 AM, Rowland Penny via samba wrote:
On Mon, 27 Nov 2017 14:53:32 -0600
Dale Schroeder via samba <samba@xxxxxxxxxxxxxxx> wrote:
Last week, Debian testing (Buster) added apparmor to the list of
dependencies for its latest kernel release, apparently because
systemd needs it. Recently, I noticed my first casualty - bind9 -
due to apparmor failures with bind_dlz.
Knowing next to nothing about apparmor, what is needed to fix this,
and what further info do you need from me?
I cannot seem to find a debian kernel that has a dependency on
apparmor, can you provide a link ?
Even if debian is making the kernel depend on apparmor (by the way,
does Linus know about this ?), this isn't a Samba problem, it is an
Thanks for responding.
[ Ben Hutchings ]
* linux-image: Recommend apparmor, as systemd units with an AppArmor
profile will fail without it (Closes: #880441)
So, although the word "recommend" implies that one has a choice, in
reality, the kernel upgrade would not proceed without installing apparmor.
I suppose it would be possible to disable, but assuming the systemd
warning is a harbinger of things to come, it seemed best to me to figure
it out now. I know systemd is not your thing, and I am inclined to
agree; however, Debian sees it otherwise, leaving me to deal with it.
I asked here because there is a wiki section devoted to the topic -
Thus far, SELinux has not been forced by Debian. Regardless, since the
apparmor install, I have not been able to get Bind9 to start if bind_dlz
To unsubscribe from this list go to the following URL and read the