This bug was fixed in the package linux - 4.4.0-16.32
---
linux (4.4.0-16.32) xenial; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1561727
* fix thermal throttling due to commit "Thermal: initialize thermal zone
device correctly" (LP: #1561676)
- Ther
Please note, this will require future backport kernels to be patched to
maintain this semantic for the LTS release. Upstream kernels and future
ubuntu kernels will not retain the broken semantic.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed t
I spoke with John in IRC. While he still doesn't like the two patches
that were written to fix this bug, he understands the reasoning.
They're needed for 16.04 so do not revert them.
In a future release, we'll do a more complete lock down of the
apparmorfs profiles file and apparmorfs profile dir
To clarify "necessary to open up".
1. the old behavior was wrong. It allowed introspection of policy in situation
that it should not have.
2. In order to open up the profiles file so that more than the system root
could introspect it, DAC restrictions needed to be removed and the permission
che
This is not an issue. It is working as designed and is necessary to open
up the file for the stacking work.
This patch should be reverted immediately as it opens up a policy
introspection hole.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Hi Tim - Thanks for scooping up those patches. I didn't intend for you
to have to do that and planned to send them out this morning. I
appreciate it! :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/15
** Also affects: linux (Ubuntu Xenial)
Importance: High
Assignee: Tyler Hicks (tyhicks)
Status: In Progress
** Changed in: linux (Ubuntu Xenial)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
I've created patches to fix this issue and built test kernels. Patches
and kernels can be found here:
http://people.canonical.com/~tyhicks/lp1560583/
In my testing, the patches fix this bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** Changed in: linux (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1560583
Title:
reading /sys/kernel/security/apparmor/profiles requires CAP_MAC_ADM