After discussing with Field, snapd, kernel and the security team, this will break existing Ubuntu Core devices that use the 4.4 kernel and the network-manager snap in the default channel (per reporter, the 1.10 channel is unaffected). Therefore, the 4.4 kernels snaps that include this change (ie, 4.4.0-160.188 based) must not be promoted to stable at this time.
The snapd team is investigating an idea to gate the kernel snap refresh on snapd 2.41 (ie, that has the updated policy) and should know more tomorrow. If it works, we'll coordinate with the kernel team for any necessary changes. While this change may still be suitable for the Ubuntu archive, I'm marking it as verification-failed-xenial for now to ensure that automated processes don't promote 4.4.0-160.188 to stable without coordination. ** Tags removed: verification-done-xenial ** Tags added: verification-failed-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1658219 Title: flock not mediated by 'k' To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1658219/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
