Control: severity -1 important
Am 09.09.23 um 14:20 schrieb intrigeri:
Hi again,
Thank you all for working both on workarounds for Debian CI and on
a proper upstream Linux kernel fix. Impressive cross-team work! :)
+1
At this stage it seems clear that the bug and the corresponding ideal
Hi again,
Thank you all for working both on workarounds for Debian CI and on
a proper upstream Linux kernel fix. Impressive cross-team work! :)
At this stage it seems clear that the bug and the corresponding ideal
fix are in the AppArmor part of src:linux, and the bug affects at
least
Hello,
Am Samstag, 2. September 2023, 01:13:11 CEST schrieb Mathias Gibbens:
> A minimal reproducer is to install bookworm and create a container
> with a systemd service using a hardening option like
> PrivateNetwork=yes. With the latest bookworm kernel (6.1.38-4), the
> service will fail.
Am 01.09.23 um 13:23 schrieb Michael Biebl:
The only way to fix the container was to use the aforementioned
`lxc.apparmor.profile = unconfined`.
I think we should do that as the breakage is rather widespread and I
already see individual packages trying to work around that to at least
keep
4 matches
Mail list logo
