Your message dated Sat, 10 Jan 2026 11:52:34 +0000
with message-id <[email protected]>
and subject line Released with 13.3
has caused the Debian Bug report #1121206,
regarding trixie-pu: package incus/6.0.4-2+deb13u3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1121206: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121206
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: trixie
User: [email protected]
Usertags: pu
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:incus
[ Reason ]
runc's recent fix for CVE-2025-52881 has exposed a problem with
apparmor profiles for nested containers
(https://github.com/opencontainers/runc/issues/4968). This requires an
update to Incus' logic for generating a container's apparmor profile.
[ Impact ]
Users cannot run docker within an Incus container.
[ Tests ]
I have manually tested running docker within a container and verified
that `docker run hello-world` works once again with the fix.
[ Risks ]
Minor/none -- the fix has been in upstream Incus packages for two weeks
and no regressions have been reported.
[ Checklist ]
[*] *all* changes are documented in the d/changelog
[*] I reviewed all changes and I approve them
[*] attach debdiff against the package in (old)stable
[*] the issue is verified as fixed in unstable
[ Changes ]
Rebase fix from upstream: https://github.com/lxc/incus/pull/2624.
[ Other info ]
The source debdiff is attached.
diff -Nru incus-6.0.4/debian/changelog incus-6.0.4/debian/changelog
--- incus-6.0.4/debian/changelog 2025-11-10 13:32:56.000000000 +0000
+++ incus-6.0.4/debian/changelog 2025-11-22 15:21:53.000000000 +0000
@@ -1,3 +1,9 @@
+incus (6.0.4-2+deb13u3) trixie; urgency=medium
+
+ * Backport fix for running nested docker in containers (Closes: #1121011)
+
+ -- Mathias Gibbens <[email protected]> Sat, 22 Nov 2025 15:21:53 +0000
+
incus (6.0.4-2+deb13u2) trixie-security; urgency=high
* Backport upstream fix for GHSA-56mx-8g9f-5crf
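Review bot: the new changelog entry does not say where the fix comes from, although the patch header below carries upstream commit 1fbe4bffb9748cc3b07aaf5db310d463c1e827d0 and the cover mail cites https://github.com/lxc/incus/pull/2624 and the runc issue that triggered it. Since the change loosens the AppArmor profile for nested containers, it is worth naming the source in the entry itself, e.g. `* Backport upstream fix (lxc/incus#2624) for running nested docker in containers, triggered by runc's CVE-2025-52881 fix (Closes: #1121011)`, so the security-relevant change is traceable from d/changelog alone.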
diff -Nru incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch
--- incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch 1970-01-01 00:00:00.000000000 +0000
+++ incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch 2025-11-22 15:21:53.000000000 +0000
@@ -0,0 +1,72 @@
+From 1fbe4bffb9748cc3b07aaf5db310d463c1e827d0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?St=C3=A9phane=20Graber?= <[email protected]>
+Date: Wed, 5 Nov 2025 20:24:47 -0500
+Subject: [PATCH] incusd/apparmor/lxc: Don't bother with sys/proc protections
+ when nesting enabled
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+When nesting is enabled, it's possible for the container to get a clean
+copy of /proc or /sys mounted anywhere without AppArmor being able to
+mediate. So there's little point in trying to apply safety checks on top
+of the main /proc and /sys.
+
+On top of that, we've recently discovered that AppArmor doesn't properly
+handle file access relative to a file descriptor, causing a bunch of
+those checks to deny access when they shouldn't.
+
+Closes #2623
+
+Signed-off-by: Stéphane Graber <[email protected]>
+Rebased-by: Mathias Gibbens <[email protected]>
+---
+ internal/server/apparmor/instance_lxc.profile.go | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/internal/server/apparmor/instance_lxc.profile.go b/internal/server/apparmor/instance_lxc.profile.go
+index 5c46e8af0..417eb6f97 100644
+--- a/internal/server/apparmor/instance_lxc.profile.go
++++ b/internal/server/apparmor/instance_lxc.profile.go
+@@ -329,6 +329,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+ mount options=(rw,move) /sy[^s]*{,/**},
+ mount options=(rw,move) /sys?*{,/**},
+
++{{- if not .nesting }}
+ # Block dangerous paths under /proc/sys
+ deny /proc/sys/[^fkn]*{,/**} wklx,
+ deny /proc/sys/f[^s]*{,/**} wklx,
+@@ -424,6 +425,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+ deny /sys/fs/cgrou[^p]*{,/**} wklx,
+ deny /sys/fs/cgroup?*{,/**} wklx,
+ deny /sys/fs?*{,/**} wklx,
++{{- end }}
+
+ {{- if .feature_unix }}
+
+@@ -446,6 +448,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+
+ {{- if .feature_stacking }}
+
++{{- if not .nesting }}
+ ### Feature: apparmor stacking
+ deny /sys/k[^e]*{,/**} wklx,
+ deny /sys/ke[^r]*{,/**} wklx,
+@@ -471,14 +474,17 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+ deny /sys/kernel/security/apparmor?*{,/**} wklx,
+ deny /sys/kernel/security?*{,/**} wklx,
+ deny /sys/kernel?*{,/**} wklx,
++{{- end }}
+
+ change_profile -> ":{{ .namespace }}:*",
+ change_profile -> ":{{ .namespace }}://*",
+ {{- else }}
+
+ ### Feature: apparmor stacking (not present)
++{{- if not .nesting }}
+ deny /sys/k*{,/**} wklx,
+ {{- end }}
++{{- end }}
+
+ {{- if .nesting }}
+
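Review bot: the net effect of the four inner hunks is that every `/proc/sys` and `/sys` deny rule, including the apparmor-stacking block, is now skipped whenever `.nesting` is true, so a nested-enabled container receives none of those denials rather than a subset; the commit message justifies this (a fresh `/proc` or `/sys` can be mounted elsewhere without AppArmor mediating it, and fd-relative access is mis-handled), but the reduction in profile restrictiveness deserves a sentence in d/changelog rather than only "fix for running nested docker". The template remains balanced, but in the last inner hunk the pre-existing `{{- end }}` after `deny /sys/k*{,/**} wklx,` now closes the added `{{- if not .nesting }}` and the added `{{- end }}` closes `{{- if .feature_stacking }}`, which is easy to misread on the next rebase; a template comment such as `{{- end }}{{/* feature_stacking */}}` on the new line would make the pairing explicit. Finally, the patch header is in git format-patch form (accepted by DEP-3) but has no `Bug-Debian:` or `Origin:` field; adding `Bug-Debian: https://bugs.debian.org/1121011` and `Origin: upstream, https://github.com/lxc/incus/pull/2624` next to the `Rebased-by:` line would tie the cherry-pick to both trackers.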
diff -Nru incus-6.0.4/debian/patches/series incus-6.0.4/debian/patches/series
--- incus-6.0.4/debian/patches/series 2025-11-10 13:32:56.000000000 +0000
+++ incus-6.0.4/debian/patches/series 2025-11-22 15:21:53.000000000 +0000
@@ -5,6 +5,7 @@
005-cherry-pick-qemu-socket-cleanup.patch
006-cherry-pick-agent-mount-retry.patch
007-cherry-pick-usb-hotplug-fix.patch
+008-cherry-pick-fix-nested-docker.patch
100-CVE-2025-54293.patch
101-CVE-2025-54287.patch
102-CVE-2025-54288.patch
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 13.3

This update has been released as part of Debian 13.3.
--- End Message ---