Review: Needs Information > 1. Done.
Reviewed, looks good. Thanks! If this was all this merge request was about, I would approve the merge as-is. > 2. I have just reproduced it on: > Ubuntu 17.04 and 17.10 (Alpha) on Virtual Box (Host is Kubuntu 16.04). > Ubuntu 17.04 LiveCD on my physical machine. > > I, too, *cannot* reproduce it on Debian Sid for some unknown reason. > > strace shows failed calls on Ubuntu: > > setsockopt(4, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation > not permitted) > […] > What is strange though, that Debian and Ubuntu has the same defaults (212992), > though it seems that only on Ubuntu traceroute tries to increase that > option... I suspect that traceroute does just the same on Debian *but* some AppArmor mediation only supported in the Ubuntu kernel blocks it there. So the question is: to quiet the logs shall we allow or forbid it? In other words, what's the drawback of forbidding traceroute from performing these operations? -- https://code.launchpad.net/~talkless/apparmor/fix_traceroute_tcp/+merge/326260 Your team AppArmor Developers is requested to review the proposed merge of lp:~talkless/apparmor/fix_traceroute_tcp into lp:apparmor. -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
