$ apt-cache policy apparmor
apparmor:
  Installed: 4.0.1really4.0.1-0ubuntu0.24.04.6
  Candidate: 4.0.1really4.0.1-0ubuntu0.24.04.6
  Version table:
 *** 4.0.1really4.0.1-0ubuntu0.24.04.6 100
        100 http://archive.ubuntu.com/ubuntu noble-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     4.0.1really4.0.1-0ubuntu0.24.04.5 500
        500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
     4.0.0-beta3-0ubuntu3 500
        500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

`sudo aa-status` shows that the profiles are no longer loaded.

As a control, `unshare -U true` runs successfully and generates an audit
log for a profile transition, while `unshare -Ur true` fails with a
permission denial of writing to /proc/self/uid_map.

With the profile removed, `busybox unshare -U true` runs successfully
and generates an audit log for a profile transition, while `busybox
unshare -Ur true` fails with a permission denial of writing to
/proc/self/setgroups. Both binaries behave as expected.

$ ps -Zelf | grep -F 'nautilus'
unconfined                      0 S ryan-lee    2835    1603 11  80   0 - 606824 poll_s 18:54 ?       00:00:01 /usr/bin/nautilus --gapplication-service

Test plan verification succeeded.


** Tags removed: verification-needed verification-needed-noble
** Tags added: verification-done verification-done-noble

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2142792

Title:
  The busybox and nautilus profiles in 24.04 should be removed
