Preempting an SRU analysis of this bug, for noble, I would ask for more clarification:
- make it clearer that while bin:podman has the apparmor profile bits that need fixing, they come from src:golang-github-containers-common. In other words, both packages need to be SRUed, and src:golang-github-containers-common needs to be updated first, land in proposed, and then src:libpod can be rebuilt - just upgrading the bin:podman package with the fix is not enough: it looks like the loading of the profile is gated on the version number, as shown by the profile name: "containers-default-0.57.4". I haven't tested this, but I think that if that version changed, then when starting a new container with the new podman, the new profile would be loaded, instead of taking the one already loaded into the kernel. Perhaps we could mangle that version to incorporate an ubuntu suffix for such cases like this SRU, where we are fixing the apparmor profile? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2040483 Title: AppArmor denies crun sending signals to containers (stop, kill) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/golang-github-containers-common/+bug/2040483/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs