** Tags added: sec-6525
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111845
Title:
autopkgtests failing with fuse3 3.17
To manage notifications about this bug go to:
https://bugs.launchpad.net/ap
** Summary changed:
- Ubuntu 25.05 plucky: lsusb --tree command doesn't works
+ Ubuntu 25.04 plucky: lsusb --tree command doesn't works
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110212
Title:
** Tags added: sec-6489
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110212
Title:
Ubuntu 25.05 plucky: lsusb --tree command doesn't works
To manage notifications about this bug go to:
https://bu
Can you please attach the apparmor denial entries to this bug report?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110212
Title:
Ubuntu 25.05 plucky: lsusb --tree command doesn't works
To manage
We have received multiple reports of remmina breakage caused by an
incomplete AppArmor profile, and we are planning to pull the profile
from Plucky entirely. Please see
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2107723 and
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/211023
This might be a separate fusermount bug - could you please file a new
issue against AppArmor and include any AppArmor denial logs that might
have been generated?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.ne
Yes this still happens on the live system. What I have noticed on the live
system is that once I have set it to single click to open, if I double
click it will crash Nautilus, whereas on my installed system it seems less
stable and crashes seem to happen often without the double click and always
wi
Public bug reported:
Wayland & Xorg - Ubuntu 25.04 - When I set Nautilus to single click to
open folders it crashes Nautilus bizarely this behavious is also carried
over to Thunar. When I set it back t double click it seems to be working
fine ad with no crashes. Tried in Wayland & Xorg with reboot
Updated debdiff to fix the issue identified; we are no longer attempting
to match the version number of this Plucky upload to the package version
in Questing.
** Patch added: "apparmor_4.1.0~beta5-0ubuntu14.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2110236/+attachment/
Just installed fresh copy using 6.11.0-26. Same issue is happening on
all new Ubuntu LTS installs in our organisation.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2091753
Title:
Plymouth fails wit
** Changed in: apparmor (Ubuntu Questing)
Status: New => Fix Released
** Changed in: apparmor (Ubuntu Plucky)
Status: New => Confirmed
** Changed in: apparmor (Ubuntu Questing)
Assignee: (unassigned) => Ryan Lee (rlee287)
--
You received this bug notification becaus
** Description changed:
[ Impact ]
sshfs mounts specified in /etc/fstab would fail to mount when a mount of
all filesystems specified in the fstab was attempted with mount -a. This
- was due to a missing noexec mount flag specification in the mount rules.
+ was due to a missing noexec mou
** Description changed:
- My sshfs mounts from /etc/fstab stopped working after upgrading to
- Plucky. This is the line from my fstab:
+ [ Impact ]
+
+ sshfs mounts specified in /etc/fstab would fail to mount when a mount of
+ all filesystems specified in the fstab was attempted with mount -a. Th
** Description changed:
[ Impact ]
This SRU contains fixes for a number of bugs:
- * The unprivileged_userns profile did not have access to the root directory
(LP: #2110616)
- * lsblk could not list DASD devices on IBM System Z (LP: #2107402)
- * Various commands segfaulted when run fro
FYI the iotop-c profile fixing is tracked in
https://bugs.launchpad.net/ubuntu/+source/iotop-c/+bug/2107727.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111604
Title:
lsblk: failed to get sysfs n
** Tags added: sec-6372
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111885
Title:
openvpn doesn't work with opensc hw tokens (apparmor denied)
To manage notifications about this bug go to:
https
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Ryan Lee (rlee287)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111807
Title:
Plucky broke fstab sshfs mounts, which depend
Going to be updating this again as a different bug report came in that
made us realize that one of the fixes included in this SRU was
incomplete.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110236
Could you please link to an autopkgtest failure log that would help us
investigate?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111845
Title:
autopkgtests failing with fuse3 3.17
To manage notif
Can you please attach AppArmor denial logs for those mounts?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2098993
Title:
Last updates to apparmor broke all AppImages, which depend on
fusermount
Can you provide more details, such as log entries, about how GNU guix
fails without an AppArmor profile?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111753
Title:
Add profile for GNU guix
To man
** Tags added: sec-6367
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111807
Title:
Plucky broke fstab sshfs mounts, which depend on fusermount
To manage notifications about this bug go to:
https:
** Tags added: sec-6366
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111604
Title:
lsblk: failed to get sysfs name: Permission denied
To manage notifications about this bug go to:
https://bugs.la
Could you share the contents of /etc/apparmor.d/firefox from your
system?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110066
Title:
Online Accounts error when adding a Google account with non-sna
** Tags added: sec-6337
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111205
Title:
fusermount3 profile blocks libfuse module in flatpak
To manage notifications about this bug go to:
https://bugs.
** Description changed:
SRU Justification:
[ Impact ]
The remmina profile is missing a bunch of rules that would be needed in
- order to allow usage of all its functionality. As such, we will need to
+ order to allow usage of all its functionality. For example, remmina
+ lacked permiss
** Changed in: iotop-c (Ubuntu Plucky)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107727
Title:
iotop-c: Call of nl_init fails due to insufficient rights
To manage
Updated debdiff with changelog updated based on feedback.
** Description changed:
[ Impact ]
This SRU contains fixes for a number of bugs:
- * The unprivileged_userns profile did not have access to the root directory
(https://gitlab.com/apparmor/apparmor/-/issues/505)
+ * The unprivileg
Public bug reported:
[ Impact ]
The parser did not handle the norelatime mount flag correctly,
essentially treating its addition to a list of mount flags as a no-op. A
test should also be included to ensure that the behavior is fixed and
not broken again.
[ Test Plan ]
This bug is caught by an
Public bug reported:
[ Impact ]
The apparmor.d man page contained incorrect information about the
combination of mount options=(list) options in (list), so this
documentation should be fixed, and a test included to ensure that the
documented behavior matches the actual behavior.
[ Test Plan ]
C
Public bug reported:
[ Impact ]
Various commands segfaulted when run from a confined context due to
missing permissions on the binary execution path, and their
corresponding profiles need rules to give m+r permissions for the
binaries themselves.
[ Test Plan ]
* Add the following to a new file
Public bug reported:
SRU Justification:
[ Impact ]
fusermount3 lacked permissions to mount to /cvmfs subdirectories,
breaking usage of the CernVM FS.
[ Test Plan ]
* The following instructions are adapted from
https://cvmfs.readthedocs.io/en/stable/cpt-quickstart.html
- Install the cvmfs
Public bug reported:
[ Impact ]
fusermount3 lacked permissions to mount with noatime, which is needed to
use fuse_overlayfs.
[ Test Plan ]
After installation of the new AppArmor version, the machine might need
to be rebooted. If a reboot between installation and test plan execution
is needed fo
** Description changed:
+ SRU Justification:
+
+ [ Impact ]
+
+ The remmina profile is missing a bunch of rules that would be needed in
+ order to allow usage of all its functionality. As such, we will need to
+ pull the remmina profile from Plucky to avoid breaking its usages.
+
+ [ Test Plan
** Description changed:
+ [ Impact ]
+
+ iotop-c failed to launch at all due to permission denials in nl_init and
+ missing capabilities in the iotop-c profile.
+
+ [ Test Plan ]
+
+ * Launch iotop-c under sudo (make sure to invoke iotop-c directly instead of
iotop, which might be symlinked t
** Description changed:
+ SRU Justification:
+
+ [ Impact ]
+
Configuration of an OpenVPN client with a "remote some_hostname.local"
rule on Plucky fails because the OpenVPN profile does not allow access
to /run/avahi-daemon/socket for mDNS lookups.
+
+ [ Test Plan ]
+
+ Test plan for th
** Description changed:
+ SRU Justification:
+
+ [ Impact ]
+
+ The openvpn profile lacked permissions to manage DNS settings for pushed
+ DHCP settings (LP: #2107596)
+
+ [ Test Plan ]
+
+ * This test description assumes no access to existing machines that use
OpenVPN. Additional testing of
** Description changed:
+ SRU Justification:
+
+ [ Impact ]
+
+ The plasmashell profile was missing the new path to QtWebEngineProcess,
+ causing the entire desktop environment to crash upon attempted usage of
+ the Web Browser widget.
+
+ [ Test Plan ]
+
+ This test needs to be executed on a
** Description changed:
SRU Justification:
[ Impact ]
- * lsblk on an s390x system that uses DASD disks shows no output.
-
- * journactl shows lsblk is blocked by apparmor:
-2025-04-15T15:02:26.048075+00:00 s5lp1-gen03 kernel: audit: type=1400
-audit(1744729346.034:270): appar
or automatically during an batch unattended upgrade) would
result in end users not getting this fix.
[ Other Info ]
This bug was originally reported at
https://gitlab.com/apparmor/apparmor/-/issues/505.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Assignee: Ryan Lee (rlee287
** Description changed:
SRU Justification:
[ Impact ]
* lsblk on an s390x system that uses DASD disks shows no output.
* journactl shows lsblk is blocked by apparmor:
2025-04-15T15:02:26.048075+00:00 s5lp1-gen03 kernel: audit: type=1400
audit(1744729346.034:270): appar
The root cause of this issue is not related to the unprivileged_userns,
and this was instead an instance of a more general problem we found
involving profiles on applications and rules required for exec
transitions from confined. I'll replace the test plan with one
corresponding to the root cause i
** Description changed:
SRU Justification:
[ Impact ]
- * lsblk on an s390x system that uses DASD disks shows no output.
-
- * journactl shows lsblk is blocked by apparmor:
-2025-04-15T15:02:26.048075+00:00 s5lp1-gen03 kernel: audit: type=1400
-audit(1744729346.034:270): appa
It's not quite correct, because the underlying bug isn't due to the
unprivileged_userns profile but is instead due to the lsblk profile, but
I can fix that part of the text myself.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:
** Tags added: sec-6302
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2109707
Title:
apparmor openvpn pritunl problem
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu
The proposed uploaded for Plucky is also available at
https://launchpad.net/~rlee287/+archive/ubuntu/apparmor-
staging/+packages in a PPA.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110236
Title:
** Changed in: util-linux (Ubuntu Plucky)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107402
Title:
lsblk on IBM z Systems blocked by apparmor in 25.04
To manage no
Public bug reported:
[ Impact ]
This SRU contains fixes for a number of bugs:
* The unprivileged_userns profile did not have access to the root directory
(https://gitlab.com/apparmor/apparmor/-/issues/505)
* lsblk could not list DASD devices on IBM System Z (LP: #2107402)
* Various commands s
Note: this affects linux-hwe-6.11 but not linux-generic (6.8).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110161
Title:
capable-bpfcc fails to launch due to bpf compilation error
To manage noti
Public bug reported:
$ sudo capable-bpfcc
[sudo] password for ryan-lee:
In file included from /virtual/main.c:14:
In file included from include/uapi/linux/ptrace.h:183:
In file included from arch/x86/include/asm/ptrace.h:175:
In file included from arch/x86/include/asm/paravirt_types.h:12:
In
Fresh deploy of 24.04 to a node via MAAS 3.6 and I'm not seeing cloud-
init 25.2 as available.
Not seeing that version of cloud-init is available for anything below
Ubuntu 25: https://launchpad.net/ubuntu/+source/cloud-init
Is this fixed in other versions of cloud-init?
We're able to reproduce d
** Tags added: sec-6287
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107727
Title:
iotop-c: Call of nl_init fails due to insufficient rights
To manage notifications about this bug go to:
https://
I was able to reproduce and confirm this bug, which will need fixing in
the apparmor package.
In the meantime, you can add the rule "network netlink raw," to
/etc/apparmor.d/local/iotop-c and reboot, as a workaround.
--
You received this bug notification because you are a member of Ubuntu
Bugs,
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
** Changed in: iotop-c (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107727
Title:
iot
to
extract the following BUG trace from /var/log/kern.log after the fact:
2025-05-01T17:46:22.726963-07:00 ryan-lee-laptop-13-amd kernel: watchdog: BUG:
soft lockup - CPU#3 stuck for 336s! [Renderer:5725]
2025-05-01T17:46:22.726974-07:00 ryan-lee-laptop-13-amd kernel: Modules linked
in: vhost_net
Can you please attach logs with AppArmor denial information as well as
additional information (beyond "not working anymore") that could help us
reproduce the failures locally?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bug
This was reported for Noble in
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2105840, and the
plan is to SRU the fix (currently in Plucky) back to Noble and Oracular.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bu
** Tags added: sec-6207
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2109394
Title:
AppArmor breaks Incus containers
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu
Public bug reported:
Configuration of an OpenVPN client with a "remote some_hostname.local"
rule on Plucky fails because the OpenVPN profile does not allow access
to /run/avahi-daemon/socket for mDNS lookups.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You r
Upon further investigation, it turns out that the remmina profile is
missing other rules as well and needs to be expanded to handle e.g.
keyed SSH connections. As such, we have decided to pull the remmina
profile from Plucky.
--
You received this bug notification because you are a member of Ubunt
I see that you have labeled this bug as relating to AppArmor. Could you
please attach log entries from AppArmor relating to bwrap? On the other
hand, if you don't think this is related to AppArmor, please retag the
bug accordingly.
--
You received this bug notification because you are a member of
** Tags added: sec-6181
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107723
Title:
Using KDE Plasma widget "Web Browser" kill Plasma desktop due to
QtWebEngine and AppArmor restrictions
To mana
This is a problem with the lsblk profile shipped by AppArmor and not a
problem with the util-linux package. I am not super familiar with IBM z
Systems, but I think the path that would need to be added is
/sys/devices/css0/**. @fheimes could you confirm whether this path
always includes "css0" as op
** Changed in: util-linux (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107402
Title:
lsblk blocked by apparmor in 25.04
To manage notifications about this b
Updating statuses (again) to reflect that there should no longer be an
active wpa_supplicant profile on Plucky, and to request that people
still running into issues attach the contents of their
/etc/apparmor.d/wpa_supplicant, which should no longer exist.
** Changed in: wpa (Ubuntu)
Status:
** Tags added: sec-6112
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2106311
Title:
File picker does not work in browsers in Ubuntu 25.04 beta for SSSD
users
To manage notifications about this b
Can you please share 1) the version of the AppArmor package you now have
installed, 2) the contents of /etc/apparmor.d/remmina, and 3) the
AppArmor denial log from the syslog (which should have something like
"dbus-daemon[3722]: apparmor="DENIED""?
--
You received this bug notification because yo
Marking bug as invalid for AppArmor (Ubuntu) because the bug is solely
in the AppArmor kernel side.
** Changed in: apparmor (Ubuntu Plucky)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.lau
Public bug reported:
The default configuration of aa-notify does not have any filtering on
the notifications that it pops up, resulting in notifications that
suggest adding capabilities to unprivileged_userns, circumventing and
breaking the AppArmor userns restrictions. Since Plucky is very close
cided
Assignee: Ryan Lee (rlee287)
Status: New
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Ryan Lee (rlee287)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2106174
Title:
aa-
** Summary changed:
- not able to deploy Plucky Puffin
+ unable to deploy Plucky Puffin due to AppArmor lsblk denials
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2092232
Title:
unable to deploy P
Also found by LP: #2102680. Fixes are in Plucky but will need to be
backported to Noble and Oracular
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2105840
Title:
apparmor shell script string compari
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apparmor
Status: New => Invalid
** Changed in: apparmor (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscr
The profile fix will be added as a patch to the version packaged in
Plucky, and should be uploaded into the queue by my EOD tomorrow.
** Tags added: sec-6054
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/b
Both paths involved should be in the latest lsusb profile - can you
double check the AppArmor package version you have installed and also
include the contents of your /etc/apparmor.d/lsusb?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubunt
** Changed in: remmina (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2102033
Title:
remmina blocked by apparmor in Plucky
To manage notifications about
Public bug reported:
As reported by https://gitlab.com/apparmor/apparmor/-/issues/302,
execution log ignore and inherit shared the same hotkey (i) in aa-
genprof and aa-logprof, so there is no way to ignore the execution.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: N
Public bug reported:
As reported in https://gitlab.com/apparmor/apparmor/-/issues/493, the
child profile component of a profile name is not handled correctly by
aa-enforce, resulting in it being stripped.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Assignee: Ryan Lee (rlee287
The corresponding umount rule also needs to be fixed, but otherwise the
diff LGTM
** Tags added: sec-6014
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Ryan Lee (rlee287)
** Changed in: apparmor (Ubuntu)
Status: New => In Progress
--
You received this bug notifi
On Fri, Mar 21, 2025 at 10:52:52PM -, Bryce Harrington wrote:
>openldap | 2.6.9+dfsg-2ubuntu1 | plucky
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2097634
Title:
Please me
** Tags added: sec-5988
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2103524
Title:
lsblk apparmor profile denies block device lookup on Azure
To manage notifications about this bug go to:
https:/
After a discussion with Alex Murray and John Johansen, we decided on the
following OpenVPN policy adjustments:
- allowing writes to files in the /etc/openvpn, and not just reads
- allowing reads to most of the home directories
- allowing writes to most of the home directories, with an owner restri
*** This bug is a duplicate of bug 2101909 ***
https://bugs.launchpad.net/bugs/2101909
** This bug has been marked a duplicate of bug 2101909
AppArmor OpenVPN profile blocks access to NetworkManager-OpenVPN imported
certs
--
You received this bug notification because you are a member of
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2101869
Title:
apparmor utils tools cannot parse fusermount3 profile
To manage notific
We'll be packaging up os-prober profiles in the main AppArmor package so
that they're installed by default and so that we can update them more
easily if necessary.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.
Also, I see that you added remmina to LP: #2046844, but the log that you
pasted into the bug report above does not have anything to do with user
namespaces.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bug
Is that the only AppArmor log message being generated, or are there
more?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2102033
Title:
remmina blocked by apparmor in Plucky
To manage notifications
Public bug reported:
The openvpn profile shipped in the AppArmor package in Plucky
(4.1.0~beta5-0ubuntu6 as of time of writing) does not allow access to
the ~/.cert/nm-openvpn, which is needed to allow OpenVPN to use
certificate files imported by NetworkManager. This was reported by
"@zorn-v" upst
** Changed in: apparmor
Status: New => Fix Released
** Changed in: apparmor (Ubuntu)
Status: Fix Committed => Fix Released
** Changed in: apparmor (Ubuntu Oracular)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubunt
Does the imfile module still work correctly despite the denial logs, or
is it unable to perform monitoring as expected?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2101180
Title:
Multiple DENIED a
For the record: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476184
has a rationale for why os-prober introduced mount namespaces in the
first place. If we remove the unsharing of the mount namespace, can we
also make sure that os-prober won't fall over if its unmount calls fail?
** Bug watch
** Changed in: apparmor (Ubuntu)
Status: New => Fix Committed
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Ryan Lee (rlee287)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.ne
** Changed in: apparmor (Ubuntu)
Status: Confirmed => Fix Committed
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Ryan Lee (rlee287)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchp
Public bug reported:
Currently, there is no way to configure the PBKDF for dmcrypt when
running cryptsetup [1]. However, it is possible to do [2]. The default
PBKDF is Argon2i, which is not currently FIPS 140-3 compliant. This
means users of 22.04 FIPS will not be able to autoinstall in a complian
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2100295
Title:
Apparmor settings for fusermount3 break flatpak
To manage notifications
The broken profile located in /etc/apparmor.d/wpa_supplicant should have
been removed by the upgrade to 4.1.0~beta5-0ubuntu5. Was it still there
on your system after the upgrade?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Hi Heinrich,
Could you also confirm how you constructed the above AppArmor profile
for wpa_supplicant? Did you create it based on the broken wpa_supplicant
profile shipped in the earlier AppArmor package, or did you create it
some other way?
--
You received this bug notification because you are
Switching this to "Fix Released" now that the 0ubuntu5 release is out
that disables the profile - feel free to switch back if you're still
encountering issues even on that release.
** Changed in: apparmor (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification bec
Here's a debdiff pulling in the patch that provides the fix
** Patch added: "Apply patch from upstream which fixes the issue"
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2098896/+attachment/5859135/+files/qemu_6.2+dfsg-25_to_26.debdiff
--
You received this bug notification because yo
I figured something out. This appears to be the commit with the fix:
$ git show 1e64facc015e16d8e4efa239feaeda9e4e9aeb04
commit 1e64facc015e16d8e4efa239feaeda9e4e9aeb04 (HEAD)
Author: Dmitry Tikhov
Date: Tue Apr 12 11:59:09 2022 +0300
hw/nvme: fix narrowing conversion
Since nlbas
1 - 100 of 9188 matches
Mail list logo
