Apparmor and IPv6

392 views Asked by At

I use Apache2 mod_proxy_ajp to proxy requests to Tomcat. Apache is sandboxed with AppArmor. Everything works OK when the host has a valid ipv4 address. However when used inside parallels with only a LAN address, the proxy returns empty pages.

When looking at /var/log/kern.log, I see the line below. aa-logprof doesn't know what to do with it. I suspect that it is due to parallels assigning a ipv6 lan address instead of ipv4. How could I fix this?

Jan 30 14:48:32 John-Ubuntu-Desktop kernel: [   86.853082] type=1400
audit(1327963712.880:54): apparmor="DENIED" operation="recvmsg" parent=1686 
profile="/usr/lib/apache2/mpm-prefork/apache2//DEFAULT_URI" pid=1696
comm="apache2" laddr=::ffff:127.0.0.1 lport=80 faddr=::ffff:127.0.0.1
fport=59686 family="inet6" sock_type="stream" protocol=6
1

There are 1 answers

0
Jeroen Ooms On BEST ANSWER

Solved my own problem. Fixed it by adding a

#include <abstractions/nameservice> to ^DEFAULT_URI{}