The verification of the Stable Release Update for quassel has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1814302 Title: Quasselcore apparmor profile issue in lxd container. Status in AppArmor: Invalid Status in apparmor package in Ubuntu: Invalid Status in quassel package in Ubuntu: Fix Released Status in apparmor source package in Bionic: Invalid Status in quassel source package in Bionic: Fix Committed Status in apparmor source package in Focal: Invalid Status in quassel source package in Focal: Fix Committed Status in apparmor source package in Groovy: Invalid Status in quassel source package in Groovy: Fix Released Bug description: [impact] quasselcore cannot start inside lxd container [test case] create lxd container, install quassel-core, check quasselcore service: $ systemctl status quasselcore ● quasselcore.service - distributed IRC client using a central core component Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor preset: enabled) Active: failed (Result: signal) since Tue 2020-06-30 18:32:40 UTC; 4s ago Docs: man:quasselcore(1) Process: 3853 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR} --logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN} (code=killed, signal=SEGV) Main PID: 3853 (code=killed, signal=SEGV) Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Scheduled restart job, restart counter is at 7. Jun 30 18:32:40 lp1814302-f systemd[1]: Stopped distributed IRC client using a central core component. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Start request repeated too quickly. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Failed with result 'signal'. Jun 30 18:32:40 lp1814302-f systemd[1]: Failed to start distributed IRC client using a central core component. Also, the binary will segfault when run directly due to apparmor denials: $ /usr/bin/quasselcore Segmentation fault [760149.590802] audit: type=1400 audit(1593542073.962:1058): apparmor="DENIED" operation="file_mmap" namespace="root//lxd- lp1814302-f_<var-snap-lxd-common-lxd>" profile="/usr/bin/quasselcore" name="/usr/bin/quasselcore" pid=2006430 comm="quasselcore" requested_mask="r" denied_mask="r" fsuid=1000110 ouid=1000000 [regression potential] this expands the apparmor profile, so any regression would likely involve problems while starting due to apparmor. [scope] this is needed for b/f/g. this is also needed for e, but that is EOL in weeks and this is not important enough to bother there. [original description] Fresh install of Ubuntu 18.04. lxd installed from snap. Fresh 18.04 container. Everything up todate via apt. Install quassel-core. Service will not start. Set "aa-complain /usr/bin/quasselcore" allows quasselcore to start. I then added "/usr/bin/quasselcore rm," to "/etc/apparmor.d/usr.bin.quasselcore". Set "aa-enforce /usr/bin/quasselcore". Restarted main host. Quasselcore service now starts and I can connect to it. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1814302/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
