If I understand correctly, a proper replacement for
mount options=(rw,make-unbindable) -> **,
is
mount options=(rw,make-unbindable) -> /{,**},
It turned out that replacing it with:
mount options=(rw,make-unbindable) -> /**,
does not work properly and restricts anything on /
(see also http
JFYI: https://github.com/lxc/lxc/pull/4452
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064144
Title:
lxc ships apparmor config that confuses aa-logprof
To manage notifications about this bug go
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: apparmor (Ubuntu Noble)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064144
Titl
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064144
Title:
l
From LXC side, we probably should fix this too, just to follow the
AppArmor spec. I'll prepare a PR for that.
John, what's the best way to validate AppArmor profiles syntax and
conformance with the spec?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
I opened a Ubuntu Noble specific task. We can close it after verifying
the current apparmor in noble fixes the issue.
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Noble)
Importance: Undecided
Status: New
--
You recei
