ubuntu jammy
apparmor-profiles 3.0.3-0ubuntu3
samba 2:4.13.5+dfsg-2ubuntu3
smbd:
Nov 25 14:59:56 jammy-samba-apparmor systemd[1]: Starting Samba SMB Daemon...
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.586080] audit: type=1400 audit(1637852396.969:77): apparmor="ALLOWED" operation="capable" profile="smbd" pid=1094 comm="smbd" capability=12 capname="net_admin"
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.586241] audit: type=1400 audit(1637852396.969:78): apparmor="ALLOWED" operation="sendmsg" profile="smbd" name="/run/systemd/notify" pid=1094 comm="smbd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.592258] audit: type=1400 audit(1637852396.977:79): apparmor="ALLOWED" operation="open" profile="smbd" name="/proc/sys/kernel/osrelease" pid=1094 comm="smbd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.592460] audit: type=1400 audit(1637852396.977:80): apparmor="ALLOWED" operation="open" profile="smbd" name="/proc/1/environ" pid=1094 comm="smbd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.592532] audit: type=1400 audit(1637852396.977:81): apparmor="ALLOWED" operation="ptrace" profile="smbd" pid=1094 comm="smbd" requested_mask="read" denied_mask="read" peer="unconfined"
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.592683] audit: type=1400 audit(1637852396.977:82): apparmor="ALLOWED" operation="open" profile="smbd" name="/proc/cmdline" pid=1094 comm="smbd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 25 14:59:56 jammy-samba-apparmor kernel: [ 227.600378] audit: type=1400 audit(1637852396.985:83): apparmor="ALLOWED" operation="sendmsg" profile="smbd" name="/run/systemd/notify" pid=1094 comm="smbd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
nmbd:
Nov 25 14:59:26 jammy-samba-apparmor systemd[1]: Starting Samba NMB Daemon...
Nov 25 14:59:26 jammy-samba-apparmor kernel: [ 196.718721] audit: type=1400 audit(1637852366.105:76): apparmor="ALLOWED" operation="capable" profile="nmbd" pid=1067 comm="nmbd" capability=1
2 capname="net_admin"
The systemd notify one for smbd was first fixed for nmbd in https://gitlab.com/apparmor/apparmor/-/merge_requests/236 for nmbd, but smbd was missed.
net_admin might be https://github.com/systemd/systemd/pull/10085, I didn't check if jammy's systemd has that patch (it should, since it's old)
Related: https:/ /gitlab. com/apparmor/ apparmor/ -/issues/ 203