[pkg-apparmor] Bug#847370: Recent apparmor broke "virsh lxc-enter"
intrigeri
intrigeri at debian.org
Sun Dec 18 20:48:13 UTC 2016
Control: tag -1 + moreinfo
Hi,
Guido Günther:
> Yes, I think so. The machine is running 4.8.0 now and I think it was
> 4.2.0 before. Unfortunately it's quiet some time since I ran the tests
> last time (2016-11-15 IIRC) and the box was not up to date at that date.
OK. It might be that the kernel component of AppArmor changed wrt.
how it handles namespaces in between, but really I've no idea.
>> What's the last working version of AppArmor (userspace)?
> I _think_ it's 2.10.95-4 but I'm not sure.
OK.
> As I wrote this is mostly a placeholder to gather the necessary
> information, I will have to put more time into sorting out what
> _exactly_ triggered it but not having seen this type of DENIED before I
> thought I'd file a bug to check with you guys if you know this kind of
> problem already.
Cool, good idea!
Well, info="Failed name lookup - disconnected path" does ring a bell.
It might be that the libvirtd profile needs the attach_disconnected
flag (there are plenty of examples that do in my /etc/apparmor.d).
Can you please try and report back?
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list