[pkg-apparmor] Bug#1050256: autopkgtest fails on debci

Michael Biebl biebl at debian.org
Thu Aug 31 07:41:59 BST 2023


On Tue, 22 Aug 2023 16:08:24 +0200 Michael Biebl <biebl at debian.org> wrote:
> Source: systemd
> Version: 254.1-2
> Severity: important
> 
> 
> Looking at https://ci.debian.net/packages/s/systemd/unstable/amd64/ ,
> systemd has been failing on debci since about the beginning of May.
> 
> Asking around on #debci, this might be kernel related, as the debci
> related systems were upgraded to bookworm around that time.
> 
> 

What we found so far is, that the AppArmor policy of lxc breaks any 
systemd service using PrivateNetwork=yes or PrivateIPC=yes when being 
run under lxc (running under bookworm using the bookworm kernel).

I wonder what the best course of action is here.
Should we disable the AA policy of lxc via a stable upload of the lxc 
package until the root cause is found?

Unfortunately I know too little about AppArmor and lxc's AppArmor policy 
and my attempts to ask around for help weren't successful so far.



Regards,
Michael



-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-apparmor-team/attachments/20230831/b64318b4/attachment.sig>


More information about the pkg-apparmor-team mailing list