We released UC16/xenial with a new enough apparmor (which was also
backported to trusty) so we can mark the snapd task as Invalid, which I
did just now.
** Changed in: snappy
Status: Incomplete => Invalid
** Changed in: snappy
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
--
Jamie, is this still an issue? I'm inclined to close this since the
apparmor bug seems to have been released a long time ago.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
Hey Jamie, I'm not sure how this affects snappy, and I'm not sure how to
reproduce it in a snappy system.
I see that a fix was released to apparmor. Is there something messing in the
snappy side?
** Changed in: snappy
Status: Confirmed => Incomplete
--
You received this bug
This bug was fixed in the package apparmor - 2.10-0ubuntu2
---
apparmor (2.10-0ubuntu2) wily; urgency=medium
* debian/patches/aa-status-dont_require_python3-apparmor.patch:
make aa-status(8) work even when python3-apparmor is not installed,
otherwise dh_apparmor postinst
** Branch linked: lp:ubuntu/wily-proposed/apparmor
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1413410
Title:
Unable to match embedded NULLs in unix bind rule for
AppArmor 2.10 has been released:
https://launchpad.net/apparmor/2.10/2.10
** Changed in: apparmor
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
** Changed in: apparmor
Milestone: None = 2.10
** Changed in: apparmor
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
The commits that fix these issues are in apparmor 2.10
r2867 - wrong handling of \x00 by the compiler
r2866 - wrong handling of the * and ** globs for abstract socket names
In adddition
in 2.9 contains r2248 - which allows a fixed alternation depth by setting the
define MAX_ALT_DEPTH, this
** Project changed: snappy-ubuntu = snappy
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1413410
Title:
Unable to match embedded NULLs in unix bind rule for abstract
This did not get addressed in the 2.9.2 release, moving to the 2.9.3
milestone.
** Changed in: apparmor/2.9
Milestone: 2.9.2 = 2.9.3
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
** Also affects: apparmor/2.9
Importance: Undecided
Status: New
** Changed in: apparmor/2.9
Status: New = Fix Committed
** Changed in: apparmor/2.9
Importance: Undecided = High
** Changed in: apparmor/2.9
Status: Fix Committed = In Progress
** Changed in:
So I have verified that firefox is doing the bind call with a 110 byte
long addrlen
[pid 1020] bind(18, {sa_family=AF_LOCAL, sun_path=@google-nacl-
o1d1020-1}, 110) = -1 EACCES (Permission denied)
so the trailing 0s being reported by the apparmor audit message are
correct
So this breaks down
12 matches
Mail list logo