[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-10-07 Thread Aleksandr Mikhalitsyn
Hi Georgia, thanks a lot for looking into this issue! Kind regards, Alex -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067900 Title: apparmor unconfined profile blocks pivot_root To manage notif

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-10-03 Thread Georgia Garcia
Hi, mihalicyn, sorry for the delay answering. That's unfortunately right. Ubuntu 12.04 ships apparmor 2.7 which didn't have support for ABIs yet, so dc757a645cfa82f6ac252365df20a36a9ff82760 causes a regression on those early versions. I talked to @jjohansen and we have agreed that this patch needs

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-09-12 Thread Aleksandr Mikhalitsyn
We have another problem which disappears when I revert dc757a645cfa82f6ac252365df20a36a9ff82760 ("UBUNTU: SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy uses of unconfined() to label_mediates()") commit. Now it is not connected with unconfined profiles at all, it involves Ubuntu Noble (host

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-09-11 Thread Georgia Garcia
Sorry for the delay. The fix had landed but it was reverted due to a regression. We have a 4.0.1really4.0.1-0ubuntu0.24.04.3 update but it is still sitting in noble-proposed https://people.canonical.com/~ubuntu-archive/pending-sru.html

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-08-30 Thread Aleksandr Mikhalitsyn
AFAIK, fix was landed https://gitlab.com/apparmor/apparmor/-/commit/4bb134e4bb950a8c9a1f70a27eb2acd2a35df412 But changelog https://changelogs.ubuntu.com/changelogs/pool/main/a/apparmor/apparmor_4.0.1really4.0.0-beta3-0ubuntu0.1/changelog says that everything was reverted back to 4.0.0~beta.

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-08-30 Thread Thomas Parrott
Hi all, what is the latest on this? It appears to not have been fixed in Ubuntu 24.04.1 https://github.com/canonical/lxd/issues/13389#issuecomment-2319129052 ** Bug watch added: github.com/canonical/lxd/issues #13389 https://github.com/canonical/lxd/issues/13389

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-07-03 Thread Aleksandr Mikhalitsyn
upstream discussion https://gitlab.com/apparmor/apparmor/-/merge_requests/1247

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-07-01 Thread Thomas Parrott
This issue is now occurring in lxd latest/edge builds after we merged initial support for restricted user namespaces. Is there an ETA on a fix?

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-07-01 Thread Aleksandr Mikhalitsyn
It looks like the same issue happens with "kill" syscall: Jul 01 15:52:45 kernel: audit: type=1400 audit(1719849165.951:291): apparmor="DENIED" operation="signal" class="signal" profile="lxd-v1_" pid=15369 comm="lxd" requested_mask="receive" denied_mask="receive" signal=kill peer="snap.lxd.daemon"

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-06-03 Thread John Johansen
This requires a v4.0 apparmor parser and an Ubuntu, not upstream, kernel. The Ubuntu kernel carries a patch that is work toward splitting unconfined and making it so it can be replaced and only cause mediation overhead for the classes being mediated. The 4.0 parser is setting mediated classes in unconfined

[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root

2024-06-03 Thread Alex Murray
** Also affects: apparmor (Ubuntu) Importance: Undecided Status: New