Public bug reported:
The file /usr/share/apparmor/hardware/graphics.d/apparmor-easyprof-
ubuntu_android can be bind-mounted by the device tarball in order for it
to provide the specific apparmor rules for such hardware.
That works well most of the time, but we noticed that (specially after
updates) that the generated cache is not containing the changes that are
bind-mounted when the device booted (as part of the initrd).
The private bug 1373923 for krillin covers this issue if required.
As a workaround we decided to push the device specifics apparmor rules
as part of lxc-android-config. The good side effect of that is that the
pre-generated cache files can be used right on the first boot.
This bug is just to track the investigation if it shows up again on a
following up hardware.
** Affects: initramfs-tools-ubuntu-touch (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
The file /usr/share/apparmor/hardware/graphics.d/apparmor-easyprof-
ubuntu_android can be bind-mounted by the device tarball in order for it
to provide the specific apparmor rules for such hardware.
That works well most of the time, but we noticed that (specially after
updates) that the generated cache is not containing the changes that are
bind-mounted when the device booted (as part of the initrd).
The private bug 1373923 for krillin covers this issue if required.
As a workaround we decided to push the device specifics apparmor rules
as part of lxc-android-config. The good side effect of that is that the
pre-generated cache files can be used right on the first boot.
+
+ This bug is just to track the investigation if it shows up again on a
+ following up hardware.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools-ubuntu-
touch in Ubuntu.
https://bugs.launchpad.net/bugs/1425704
Title:
Sometimes apparmor fails to generate a proper cache if rules are bind-
mounted (provided by the device tarball)
Status in initramfs-tools-ubuntu-touch package in Ubuntu:
New
Bug description:
The file /usr/share/apparmor/hardware/graphics.d/apparmor-easyprof-
ubuntu_android can be bind-mounted by the device tarball in order for
it to provide the specific apparmor rules for such hardware.
That works well most of the time, but we noticed that (specially after
updates) that the generated cache is not containing the changes that
are bind-mounted when the device booted (as part of the initrd).
The private bug 1373923 for krillin covers this issue if required.
As a workaround we decided to push the device specifics apparmor rules
as part of lxc-android-config. The good side effect of that is that
the pre-generated cache files can be used right on the first boot.
This bug is just to track the investigation if it shows up again on a
following up hardware.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools-ubuntu-touch/+bug/1425704/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
