[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Error message while starting : [Failed to start LSB: AppArmor initialization


#1

Hello Whonix Community,

I’m experiencing an error message while starting my Whonix-Workstation (doesn’t appear on the Gateway). I don’t know if this is very important, but I don’t like the red [Failed] lines so I would like to solve that if possible with your help.

Here is a capture : https://imgur.com/qHCIOuY

What does it mean ? Is there something we can do to fix this ?

Thank you for your support and best regards.


#2

It means AppArmor failed to start which is used to confine programs and an important part of Whonix. Post the output of sudo journalctl | grep -i apparmor.
It could tell you why AppArmor failed


#3

Hello Algernon,

Thank you for the command lines I typed in a terminal and here are the outputs I can’t analyse. Any suggestion on what causes the problem and how to solve it ?

Thank you very much and best regards.

On the Gateway
[sudo] password for user:
user@host:~$ sudo journalctl | grep -i apparmor.
[sudo] password for user:
Sorry, try again.
[sudo] password for user:
jan 06 22:53:35 host kernel: Kernel command line: BOOT_IMAGE=/boot/vmlinuz-3.16.0-4-686-pae root=UUID=26ada0c0-1165-4098-884d-aafd2220c2c6 ro apparmor=1 security=apparmor
jan 06 22:53:35 host kernel: AppArmor: AppArmor initialized
jan 06 22:53:35 host kernel: AppArmor: AppArmor Filesystem Enabled
jan 06 22:53:35 host kernel: AppArmor: AppArmor sha1 policy hashing enabled
jan 06 22:53:35 host systemd[1]: systemd 215 running in system mode. (+PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR)
jan 06 22:53:36 host systemd[1]: Starting LSB: AppArmor initialization…
jan 06 22:53:37 host kernel: audit: type=1400 audit(1515279217.860:2): apparmor=“STATUS” operation=“profile_load” name=“system_tor” pid=367 comm=“apparmor_parser"
jan 06 22:53:37 host kernel: audit: type=1400 audit(1515279217.892:3): apparmor=“STATUS” operation=“profile_load” name=”/usr/bin/obfsproxy" pid=367 comm=“apparmor_parser"
jan 06 22:53:37 host kernel: audit: type=1400 audit(1515279217.920:4): apparmor=“STATUS” operation=“profile_load” name=”/usr/bin/whonixcheck" pid=367 comm=“apparmor_parser"
jan 06 22:53:37 host kernel: audit: type=1400 audit(1515279217.932:5): apparmor=“STATUS” operation=“profile_load” name=”/usr/lib/sdwdate/url_to_unixtime" pid=367 comm=“apparmor_parser"
jan 06 22:53:37 host kernel: audit: type=1400 audit(1515279217.952:6): apparmor=“STATUS” operation=“profile_load” name=”/usr/sbin/cpfpd" pid=367 comm="apparmor_parser"
jan 06 22:53:38 host apparmor[230]: Starting AppArmor profiles:.
jan 06 22:53:38 host systemd[1]: Started LSB: AppArmor initialization.
user@host:~$

On the WorkStation
user@host:~$ sudo journalctl | grep -i apparmor.
[sudo] password for user:
jan 06 22:01:57 host kernel: Kernel command line: BOOT_IMAGE=/boot/vmlinuz-3.16.0-4-686-pae root=UUID=26ada0c0-1165-4098-884d-aafd2220c2c6 ro apparmor=1 security=apparmor
jan 06 22:01:57 host kernel: AppArmor: AppArmor initialized
jan 06 22:01:57 host kernel: AppArmor: AppArmor Filesystem Enabled
jan 06 22:01:57 host kernel: AppArmor: AppArmor sha1 policy hashing enabled
jan 06 22:01:57 host systemd[1]: systemd 215 running in system mode. (+PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR)
jan 06 22:01:58 host systemd[1]: Starting LSB: AppArmor initialization…
jan 06 22:02:00 host apparmor[244]: Starting AppArmor profiles:AppArmor parser error for /etc/apparmor.d/usr.bin.thunderbird in /etc/apparmor.d/usr.bin.thunderbird at line 12: syntax error, unexpected TOK_SET_VAR, expecting TOK_OPEN
jan 06 22:02:00 host apparmor[244]: AppArmor parser error for /etc/apparmor.d/usr.bin.thunderbird in /etc/apparmor.d/usr.bin.thunderbird at line 12: syntax error, unexpected TOK_SET_VAR, expecting TOK_OPEN
jan 06 22:02:00 host kernel: audit: type=1400 audit(1515276120.477:2): apparmor=“STATUS” operation=“profile_load” name="/usr/lib/sdwdate/url_to_unixtime" pid=342 comm=“apparmor_parser"
jan 06 22:02:00 host kernel: audit: type=1400 audit(1515276120.513:3): apparmor=“STATUS” operation=“profile_load” name=”/usr/bin/whonixcheck" pid=341 comm="apparmor_parser"
jan 06 22:02:00 host apparmor[244]: failed!
jan 06 22:02:00 host systemd[1]: apparmor.service: control process exited, code=exited status=123
jan 06 22:02:00 host systemd[1]: Failed to start LSB: AppArmor initialization.
jan 06 22:02:00 host systemd[1]: Unit apparmor.service entered failed state.
user@host:~$


#4

It looks like this bug here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884217

It seems the apparmor parser from jessie can’t handle the latest profiles.
Maybe it is going to be fixed upstream so new updates should automatically resolve this issue. Upgrading to stretch should do the same though Whonix 14 is not officially out yet. You could download the 14 developers version though.
What maybe could also work is editing /etc/apparmor.d/usr.bin.thunderbird and change
profile thunderbird @{thunderbird_executable} {
to
profile thunderbird /usr/lib/thunderbird/thunderbird {
and then restarting apparmor:
sudo service apparmor restart


#5

Hi Algernon,

I would like to thank you for your great support and submit a quick feedback.

Indeed your proposition works fine, I edited the file like indicated and no error message anymore at startup :grinning:

Perfect :+1: Topic can be passed as solved :slightly_smiling_face:

Best regards,
Cottonwoodhill