** Description changed: A CPC test build of a jammy image with 6.8 edge kernel revealed that AppArmor profiles are missing for 6.8 kernel in livecd-rootfs, leading to fall back to generic AppArmor profiles which don't contain configuration for io_uring. This leads to `snap debug seeding` output non-empty `seed-restart-system-key` dict (attached in snap-debug- seeding.json) after first boot. [ Impact ] Boot will be slowed by ~200ms until this is resolved in livecd-rootfs [ Test Plan ] * Build a jammy cloud image with preseeded snaps with the 6.8 edge kernel * Boot an instance * Invoke "snap debug seeding" - * Ensure the output does not include "seed-restart-system-key", if it does the difference between "preseed-system-key" and "apparmor-features"/"apparmor-parser-features" is other than "policy:unconfined_restrictions" + * Ensure the output does not include "seed-restart-system-key", if it does the difference between "preseed-system-key" and "apparmor-features"/"apparmor-parser-features" is other than "io_uring" [ Where problems could occur ] * If the attempted fix has problems "snap debug seeding" should continue to report "seed-restart-system-key". There should not be any other fallout. [ Other Info ] Public cloud images block image publication on a test ensuring that snaps are preseeded. As a result this will block jammy image publication once the edge kernel becomes the HWE kernel.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2074204 Title: AppArmor profiles missing for jammy and 6.8 kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2074204/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
