stackoom
  简体   繁体   中英

Apparmor and IPv6

 原文  2012-01-30 23:51:37       apache/ linux-kernel/ kernel/ mod-proxy/ apparmor

Question

I use Apache2 mod_proxy_ajp to proxy requests to Tomcat. Apache is sandboxed with AppArmor. Everything works OK when the host has a valid ipv4 address. However when used inside parallels with only a LAN address, the proxy returns empty pages.

When looking at /var/log/kern.log, I see the line below. aa-logprof doesn't know what to do with it. I suspect that it is due to parallels assigning a ipv6 lan address instead of ipv4. How could I fix this? 

Jan 30 14:48:32 John-Ubuntu-Desktop kernel: [   86.853082] type=1400
audit(1327963712.880:54): apparmor="DENIED" operation="recvmsg" parent=1686 
profile="/usr/lib/apache2/mpm-prefork/apache2//DEFAULT_URI" pid=1696
comm="apache2" laddr=::ffff:127.0.0.1 lport=80 faddr=::ffff:127.0.0.1
fport=59686 family="inet6" sock_type="stream" protocol=6

1 answers

solution1
 1 ACCPTED  2012-01-31 00:58:05

Solved my own problem. Fixed it by adding a

#include <abstractions/nameservice> to ^DEFAULT_URI{}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Configuring apache on ipv6 no connection RewriteRule with an IPv6 IP address does not work REMOTE_ADDR and IPv6 in PHP How to configure apache to use ipv6 for subdomains Does Mongrel do IPv6 well? htaccess redirect but exclude whole ipv6 prefix RewriteCond for ipv6 subnet under .htaccess Mod_jk workers - ipv4 / ipv6 /fqdn Only allow IPv6 addresses in Apache Denote ipv6 entry in apache log
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM