Apparmor初始化失败,退出代码123


11

Apparmor无法启动,并且命令行启动的结果与以下相同

x@x-NICEPUTER:~$ systemctl --failed
  UNIT             LOAD   ACTIVE SUB    DESCRIPTION
● apparmor.service loaded failed failed LSB: AppArmor initialization

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

1 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

x@x-NICEPUTER:~$ systemctl status apparmor.service
● apparmor.service - LSB: AppArmor initialization
   Loaded: loaded (/etc/init.d/apparmor; bad; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2016-05-03 21:52:29 MDT; 1h 15min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 523 ExecStart=/etc/init.d/apparmor start (code=exited, status=123)

May 03 21:52:22 x-NICEPUTER apparmor[523]: AppArmor parser error for /etc/apparmor.d/usr.bin.webbrowser-app in /etc/apparmor.d/usr.bin.webbrowser-app at line 26: Could not open '/usr/share/apparmor/hardware/graphics.d'
May 03 21:52:28 x-NICEPUTER apparmor[523]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
May 03 21:52:29 x-NICEPUTER apparmor[523]: Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
May 03 21:52:29 x-NICEPUTER apparmor[523]: AppArmor parser error for /etc/apparmor.d/usr.bin.webbrowser-app in /etc/apparmor.d/usr.bin.webbrowser-app at line 26: Could not open '/usr/share/apparmor/hardware/graphics.d'
May 03 21:52:29 x-NICEPUTER apparmor[523]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
May 03 21:52:29 x-NICEPUTER apparmor[523]:    ...fail!
May 03 21:52:29 x-NICEPUTER systemd[1]: apparmor.service: Control process exited, code=exited status=123
May 03 21:52:29 x-NICEPUTER systemd[1]: Failed to start LSB: AppArmor initialization.
May 03 21:52:29 x-NICEPUTER systemd[1]: apparmor.service: Unit entered failed state.
May 03 21:52:29 x-NICEPUTER systemd[1]: apparmor.service: Failed with result 'exit-code'.

目录apparmor/hardware/和文件graphics.d在内部不存在。 /usr/share/ 因此,#include /usr/share/apparmor/hardware/graphics.d在第26行/etc/apparmor.d/usr.bin.webbrowser-app返回null并导致失败。

我如何正确地解决此问题,或者至少创建一种允许apparmor.service初始化而不会失败的解决方法?

uname -a
Linux x-NICEPUTER 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
sudo lshw
[sudo] password for x: 
x-niceputer               
    description: Computer
    width: 64 bits
    capabilities: smbios-2.4 vsyscall32
  *-core
       description: Motherboard
       physical id: 0
     *-memory
          description: System memory
          physical id: 0
          size: 3793MiB
     *-cpu
          product: Intel(R) Core(TM)2 Duo CPU     P8400  @ 2.26GHz

Answers:


17

似乎是一个已报告的错误(#1554803

可以解决apparmor-easyprof-ubuntu手动安装或创建文件夹的问题。

sudo apt-get install apparmor-easyprof-ubuntu

您介意扩展您的答案并提供适当的步骤来安装所引用的软件包或创建必要的文件夹。我看着这个错误,的确与我看到的一样。谢谢:)
xtrchessreal

这个如何解决这个问题?
Ebuzer Taha KANAT

1
@EbuzerTahaKANAT我认为这不能解决AppArmor问题,但是提供了一种方法来防止systemd在启动时失败AppArmor初始化。我手动构建了文件夹和空文件,然后运行了apparmor-easyprof-ubuntu的安装。文件(video.d,graphics.d和audio.d)在我的系统中仍然为空,并且启动时不再记录失败代码。这些文件应该包含AppArmor策略代码,我想这是基于此处的第一行的猜测launchpad.net/apparmor-easyprof-ubuntu 不确定Apparmor是否保护这些设备?错误仍未解决!
xtrchessreal

对我来说,我无法安装任何软件包,因为ifconfignetwork-manager无法加载(我有USB wifi加密狗)。所以@xtrchessreal的建议起作用了。
midopa

1

对于我来说,我无法安装,因为两者的任何包ifconfignetwork-manager找不到/启动我的USB无线适配器。

所以@xtrchessreal的评论对我有用:

在恢复模式外壳程序中,创建以下目录:

mkdir -p /usr/share/apparmor/hardware/graphics.d
mkdir -p /usr/share/apparmor/hardware/audio.d
mkdir -p /usr/share/apparmor/hardware/video.d

接着 reboot


apparmor-easyprof-ubuntu重要:该项目不再由Canonical的Ubuntu安全团队积极维护。每个launchpad.net/apparmor-easyprof-ubuntu 我不知道它是否在其他地方维护?
xtrchessreal

很高兴知道!然后,我将其从答案中删除。
midopa

1

就我而言,当我使用卸载快照包时,出现了问题apt-get remove snapd。检查系统日志,似乎快照卸载程序删除了一些目录,但没有删除引用它们的apparmor配置文件。我用修剪了软件包,apt-get purge snapd然后重新启动了apparmor,没有错误。

By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.