Commenting #features-file in parser.conf in debian 9 (apparmor 2.11)
fixes the issue.
But on debian 10 (apparmor 2.13.2), commenting this is not enough as
profiles won't load on reboot. Using the 2.13.3 apparmor package from
ubuntu seems to fix the problem fully.
Tried with a 5.3 ubuntu kernel.
I have this issue using proxmox kernel (based on ubuntu) and debian lxc
containers.
Is this a bug with the apparmor debian package or the ubuntu kernel?
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
AFAICS e83fa67edfb534976dc4133e634519084153c0e7 got backported before
2.13.2 (8661ebcb7910e03bfcdb6fbf99616120a398d576). And the
apparmor_parser binary has the --compile-features flag in the version in
buster.
I tested with both the versions from buster (2.13.2-10) and sid (2.13.3-4):
This might be in the compiler
The feature file you are inning supports v8 socket mediation. The user
space however does not. The ubuntu kernel supports v7 and v8 socket
mediation, but the user space only supports v7. I need to dig into this
more but it looks like the user space compiler is
** Changed in: linux (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1842459
Title:
apparmor abi-feature pinning not
The feature file is the one currently shipped by buster.
** Attachment added: "features"
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1842459/+attachment/5286649/+files/features
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to
Can you please attach the features file you are setting in
/etc/apparmor/apparmor.conf
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1842459
Title:
apparmor abi-feature pinning not
7 matches
Mail list logo
