I'm looking at the changelogs since 4.1.1-0ubuntu3. Would these be the new profiles:
- curl
- ssh-keygen (already removed)

Then in 5.0.0~alpha1-0ubuntu1:
+etc/apparmor.d/dig
+etc/apparmor.d/free
+etc/apparmor.d/gs
+etc/apparmor.d/hostname
+etc/apparmor.d/john
+etc/apparmor.d/locale
+etc/apparmor.d/lsof
+etc/apparmor.d/notify-send
+etc/apparmor.d/nslookup
+etc/apparmor.d/proftpd
+etc/apparmor.d/qpdf
+etc/apparmor.d/ssh-keyscan
+etc/apparmor.d/systemd-detect-virt
+etc/apparmor.d/tunables/gs
+etc/apparmor.d/tunables/print-devices
+etc/apparmor.d/who

There we see some of the ones where we identified problems already: dig, free, hostname, locale, lsof (this one panics the kernel, oops)

Some of these are in the "doesn't work" category because they are missing the consoles abstraction. Those would be the ones that get a DENIED when trying to write to /dev/pts/<N> when run in a lxd container. That is a separate bug from this one here. I think that one should be tracked in https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2121401

For this bug here, what criteria should we use? Inside a lxd container, "mkdir /randomdir; <cmd-under-test> > /randomdir/hello.txt" <-- if that breaks, it's affected, and candidate for removal from questing?

We could decide to concentrate on the profiles that were added for questing, because this bug has been out there for a long time looks like (at least noble kernel), and this is the first time we saw it.

-- 
https://bugs.launchpad.net/bugs/2121552

Title:
  "free > file" blocked by apparmor inside questing lxd
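The check proposed in the message above, sketched as an added example that is not part of the original report or of the apparmor package. The names `redirect_check` and `TESTDIR` are hypothetical. Treating an empty output file as a failure is an assumption, made in case a denied write shows up as lost output rather than a non-zero exit.

```shell
#!/bin/sh
# Added example: classify a command by the "cmd > /randomdir/hello.txt"
# criterion. Run inside the container, as root, for the commands under test.

# redirect_check DIR CMD [ARGS...]
# Prints exactly one word: ok | affected | inconclusive
redirect_check() {
    dir=$1; shift
    out="$dir/hello.txt"
    mkdir -p "$dir" || { echo inconclusive; return 0; }
    rm -f "$out"

    # Baseline through a pipe: a command that prints nothing at all
    # (missing binary, or e.g. "who" with no sessions) cannot be judged.
    baseline=$("$@" 2>/dev/null) || true
    if [ -z "$baseline" ]; then
        echo inconclusive
        return 0
    fi

    # The criterion itself: stdout redirected to a regular file.
    # Assumption: either a non-zero exit or an empty file counts as broken.
    if "$@" > "$out" 2>/dev/null && [ -s "$out" ]; then
        echo ok
    else
        echo affected
    fi
}

# Usage: sh check.sh free hostname locale dig
# Each argument is a command name run without arguments.
if [ "$#" -gt 0 ]; then
    target=${TESTDIR:-/randomdir}
    for c in "$@"; do
        printf '%s: %s\n' "$c" "$(redirect_check "$target" "$c")"
    done
fi
```

Since the message reports that the lsof profile panics the kernel, keep lsof out of the argument list unless the host is disposable.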
