** Changed in: linux (Ubuntu Xenial)
Status: Incomplete => Confirmed
** Changed in: linux (Ubuntu Yakkety)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1677959
Title:
change_profile incorrect when using namespaces with a compound stack
Status in AppArmor:
New
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Xenial:
Confirmed
Status in linux source package in Yakkety:
Confirmed
Status in linux source package in Zesty:
Fix Committed
Bug description:
When a compound label is used as part of a target namespace the change
profile will result in a bad change
a task confined by profile lxd doing
change_profile(&:ns://foo//&unconfined)
results in a change_profile to
:ns://foo
and
unconfined
causing the local system profile to change instead of setting up a stack in
the sub namespace
ie.
unconfined//&:ns://foo
instead of the expected
lxd//&:ns://foo//&:ns://unconfined
https://github.com/lxc/lxd/issues/2981
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1677959/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
