This might be in the compiler The feature file you are inning supports v8 socket mediation. The user space however does not. The ubuntu kernel supports v7 and v8 socket mediation, but the user space only supports v7. I need to dig into this more but it looks like the user space compiler is generating v7 network rules when using the ubuntu kernel.
2.13 actually uses two feature sets the kernel features (--kernel- features, used to determine cache location and bound compile features to what the kernel can actually load) and the compile features (--compile- features). They can be set separately but the --features-file option is supposed to set both of them to the same value. There is a a bug in 2.13.2 where --features-file is only setting the compile-features. This was addressed by upstream commit e83fa67edfb534976dc4133e634519084153c0e7. We should be able to test whether this patch is the fix by set both features-file and kernel-features to the same file. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1842459 Title: apparmor abi-feature pinning not working with Disco and Eoan kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1842459/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
