This is a LXD commit, not a LXC one. LXC cannot be fixed in the same way
as it has a single apparmor policy covering both privileged and
unprivileged containers, until such time as the apparmor security issue
is resolved, there's nothing we can do to fix this issue without causing
a giant security hole in the process.
** Changed in: lxc (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1814986
Title:
lxd/apparmor: Tweak default set of rules
Status in lxc package in Ubuntu:
Invalid
Bug description:
branches cosmic & disco
the impact of current lxc aa rules in conjunction with systemd v240 is
outlined here
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1813622/comments/10
Whilst LXC committed the patch to its master
https://github.com/lxc/lxd/commit/a6b780703350faff8328f3d565f6bac7b6dcf59f
it has not arrived downstream and thus would be appreciated to be
merged, both in cosmic and disco since impacting users of both
branches, e.g. arch linux guest that already deploy systemd v240
without this patch particular ubuntu patch
https://git.launchpad.net/~ubuntu-core-
dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1814986/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
