*** This bug is a duplicate of bug 1216294 ***
https://bugs.launchpad.net/bugs/1216294
Thanks for the bug report! This is a duplicate of bug #1216294.
There's no need to test mainline, as Joseph asked you to do. This is
caused by an AppArmor patch that is specific to Ubuntu and not yet
Bug #1218487, which is a duplicate of this one, suggests that an i386
server VM with 512 MB RAM can reproduce this bug. I'm installing such a
VM now.
** Changed in: linux (Ubuntu)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: linux (Ubuntu)
Status: Fix Committed = New
Confirmed on i386 saucy server VM w/ 512 MB RAM
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1216294
Title:
kernel 3.11.0-3-generic BUG: unable to handle kernel paging request
Status
** Changed in: linux (Ubuntu)
Status: Confirmed = In Progress
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1216294
Title:
kernel 3.11.0-3-generic BUG: unable to handle kernel
Here's the proposed patch that I sent to the AppArmor mailing list for
review:
https://lists.ubuntu.com/archives/apparmor/2013-September/004289.html
Here's an i386 test kernel with some kernel debugging options enabled
(CONFIG_DEBUG_ATOMIC_SLEEP, CONFIG_DEBUG_BUGVERBOSE, CONFIG_DEBUG_SG,
and
)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1243636
Title:
ecryptfs currupts files over 4GB size
Status in eCryptfs:
Triaged
Status
** Tags added: kernel-bug-exists-upstream
** Changed in: ecryptfs
Status: New = Triaged
** Changed in: linux (Ubuntu)
Status: Incomplete = Triaged
** Changed in: ecryptfs
Importance: Undecided = Critical
** Changed in: ecryptfs
Assignee: (unassigned) = Tyler Hicks
** Also affects: ecryptfs
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1243636
Title:
ecryptfs currupts files over 4GB size
Status in
** Summary changed:
- ecryptfs currupts files over 4GB size
+ ecryptfs currupts files over 4GB size on i686
** Changed in: ecryptfs
Status: Triaged = In Progress
** Changed in: linux (Ubuntu)
Status: Triaged = In Progress
--
You received this bug notification because you are a
Thanks Colin!
As I mentioned in IRC, I came up with the same patch last night and
successfully ran tests against it overnight. We'll go with your patch
since it already has a commit message. I targeted it for 3.11+ stable
and will push it to Linus today. I'll also get the Ubuntu SRU prepared.
--
** Description changed:
+ [SRU Justification]
+
+ Commit 24d15266bd86b7961f309a962fa3aa177a78c49f introduced a data corruption
+ regression on 32 bit architectures when writing past the 4 GB.
+
+ [Impact]
+
+ 32 bit users experience corruption of large files.
+
+ [Fix]
+
+ A cast is needed
** Description changed:
[SRU Justification]
Commit 24d15266bd86b7961f309a962fa3aa177a78c49f introduced a data corruption
regression on 32 bit architectures when writing past the 4 GB.
[Impact]
32 bit users experience corruption of large files.
[Fix]
A cast is needed
Public bug reported:
In 13.10, AppArmor added the ability to get the AppArmor label of the peer on
the other end of an UNIX domain socket.
However, it doesn't work for sockets created with socketpair(). The
getsockopt() syscall returns ENOPROTOOPT.
This is not an urgent bug and it does not
This bug was fixed in 14.04 LTS.
$ cat /proc/version_signature
Ubuntu 3.13.0-24.46-generic 3.13.9
$ gcc -o socketpair socketpair.c -lapparmor ./socketpair
con = unconfined; mode = (null)
$ echo profile f { file, } | sudo apparmor_parser -qr
$ aa-exec -p f ./socketpair
con = f; mode = enforce
Assigning this to jj and subscribing ubuntu-security, since it is an
AppArmor kernel bug, so that it doesn't get lost.
** Changed in: linux (Ubuntu)
Status: Confirmed = New
** Changed in: linux (Ubuntu)
Assignee: (unassigned) = John Johansen (jjohansen)
--
You received this bug
This issue is unrelated to the SYN cookie check in test-kernel-security.py. It
just so happens that the test caught the bug. Here's two kernel stack dumps
that I see in the logs after booting the 2.6.32-61-generic #123 kernel:
sysctl table check failed: /net/core/somaxconn .3.1.18 Missing
This upstream commit, which is not in Lucid, removed the .ctl_name initializer
from netns_core_table:
f8572d8 sysctl net: Remove unused binary sysctl code
Since Lucid's netns_core_table initializes .ctl_name, sysctl_check_table()
requires the .strategy field to be initialized. Other places
can obviously help out as needed.
** Also affects: lightdm (Ubuntu)
Importance: Undecided
Status: New
** Changed in: lightdm (Ubuntu)
Status: New = In Progress
** Changed in: lightdm (Ubuntu)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: lightdm (Ubuntu
Here's the lightdm debdiff to allow the guest session to start with
AppArmor signal and ptrace mediation. It is tested on Trusty amd64.
** Patch added: lightdm_1.9.14-0ubuntu2.debdiff
Here's an updated libvirt debdiff. I rebase Jamie's debdiff on top of
the libvirt that was uploaded to the archive yesterday.
** Patch added: libvirt_1.2.2-0ubuntu9.debdiff
Here's the apparmor debdiff. The testing performed in described in the
bug description. Let me know if there are any questions.
** Patch added: apparmor_2.8.95~2430-0ubuntu4.debdiff
Public bug reported:
Running the changehat_misc.sh AppArmor regression test results in a
kernel paging request bug.
$ apt-get source apparmor
$ cd apparmor-2.8.0/tests/regression/apparmor/
$ make all
$ sudo VERBOSE=1 bash changehat_misc.sh
ok: NO CHANGEHAT (access parent file)
ok: NO CHANGEHAT
Status: New
** Changed in: ecryptfs
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: ecryptfs
Importance: Undecided = High
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs
Marking the kernel task as invalid, since this is an auditctl bug.
** Changed in: linux (Ubuntu)
Status: Incomplete = Invalid
** Changed in: audit (Ubuntu)
Importance: Medium = High
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed
(Ubuntu)
Importance: Undecided = Medium
** Changed in: audit (Ubuntu)
Status: Confirmed = Triaged
** Changed in: audit (Ubuntu)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed
** Changed in: audit (Ubuntu)
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1158500
Title:
auditd fails to add rules when used in precise with
Public bug reported:
The AF_UNIX unnamed dgram tests that involve a peer label are failing.
Note that only the dgram tests of unix_socket_unnamed.sh result in this
failure. The identical stream and seqpacket tests pass. It seems like
the socket labeling may be applied differently between
Public bug reported:
This is an existing failure that is uncovered by a new test. Note that
this failure only occurs with the dgram tests and passes with the
identical stream and seqpacket tests.
* The failure:
Error: unix_socket failed. Test 'AF_UNIX pathname socket (dgram); confined
server
Public bug reported:
This is an existing failure that is uncovered by a new test. Note that
this failure only occurs with the dgram tests and passes with the
identical stream and seqpacket tests.
This bug may be a dupe of bug #1373174
* The failure:
Error: unix_socket failed. Test 'AF_UNIX
apport information
** Attachment added: CurrentDmesg.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213831/+files/CurrentDmesg.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: Lspci.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213832/+files/Lspci.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373172
apport information
** Attachment added: CRDA.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213830/+files/CRDA.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373172
apport information
** Attachment added: ProcModules.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213836/+files/ProcModules.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcEnviron.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213834/+files/ProcEnviron.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcCpuinfo.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213833/+files/ProcCpuinfo.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: WifiSyslog.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213840/+files/WifiSyslog.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: UdevDb.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213838/+files/UdevDb.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373172
apport information
** Attachment added: ProcInterrupts.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213835/+files/ProcInterrupts.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: PulseList.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213837/+files/PulseList.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: UdevLog.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213839/+files/UdevLog.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: AudioDevicesInUse.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213828/+files/AudioDevicesInUse.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: BootDmesg.txt
https://bugs.launchpad.net/bugs/1373172/+attachment/4213829/+files/BootDmesg.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Tags added: apport-collected utopic
** Description changed:
The AF_UNIX unnamed dgram tests that involve a peer label are failing.
Note that only the dgram tests of unix_socket_unnamed.sh result in this
failure. The identical stream and seqpacket tests pass. It seems
apport information
** Attachment added: CurrentDmesg.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213918/+files/CurrentDmesg.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Tags added: apport-collected utopic
** Description changed:
This is an existing failure that is uncovered by a new test. Note that
this failure only occurs with the dgram tests and passes with the
identical stream and seqpacket tests.
This bug may be a dupe of
apport information
** Attachment added: ProcEnviron.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213921/+files/ProcEnviron.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: Lspci.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213919/+files/Lspci.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373176
apport information
** Attachment added: ProcCpuinfo.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213920/+files/ProcCpuinfo.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: BootDmesg.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213916/+files/BootDmesg.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: CRDA.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213917/+files/CRDA.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373176
apport information
** Attachment added: AudioDevicesInUse.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213915/+files/AudioDevicesInUse.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcInterrupts.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213922/+files/ProcInterrupts.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: PulseList.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213910/+files/PulseList.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcInterrupts.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213908/+files/ProcInterrupts.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcEnviron.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213907/+files/ProcEnviron.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcCpuinfo.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213906/+files/ProcCpuinfo.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: PulseList.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213924/+files/PulseList.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: Lspci.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213905/+files/Lspci.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373174
apport information
** Attachment added: UdevLog.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213912/+files/UdevLog.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: BootDmesg.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213902/+files/BootDmesg.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcModules.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213909/+files/ProcModules.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: WifiSyslog.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213913/+files/WifiSyslog.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: CurrentDmesg.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213904/+files/CurrentDmesg.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: UdevDb.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213925/+files/UdevDb.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373176
apport information
** Tags added: apport-collected utopic
** Description changed:
This is an existing failure that is uncovered by a new test. Note that
this failure only occurs with the dgram tests and passes with the
identical stream and seqpacket tests.
* The failure:
Error:
apport information
** Attachment added: UdevDb.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213911/+files/UdevDb.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373174
apport information
** Attachment added: UdevLog.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213926/+files/UdevLog.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: WifiSyslog.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213927/+files/WifiSyslog.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: CRDA.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213903/+files/CRDA.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1373174
apport information
** Attachment added: AudioDevicesInUse.txt
https://bugs.launchpad.net/bugs/1373174/+attachment/4213901/+files/AudioDevicesInUse.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
apport information
** Attachment added: ProcModules.txt
https://bugs.launchpad.net/bugs/1373176/+attachment/4213923/+files/ProcModules.txt
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
Public bug reported:
The AF_UNIX pathname stream and seqpacket tests are not failing when the
server program is missing the getopt unix permission. Note that the
dgram version of this test fails as expected. This suggests some type of
difference in the mediation of getsockopt() between connected
Since this issue affects stream/seqpacket but not dgram, it seems likely
that it is a kernel issue and not a parser issue. But to be sure, I've
verified that the perms that the parser outputs for setopt, getopt, and
the combination of the two does look sane:
$ for p in getopt setopt
** Description changed:
The AF_UNIX pathname stream and seqpacket tests are not failing when the
server program is missing the getopt unix permission. Note that the
dgram version of this test fails as expected. This suggests some type of
difference in the mediation of getsockopt() between
** Description changed:
This is an existing failure that is uncovered by a new test. Note that
this failure only occurs with the dgram tests and passes with the
identical stream and seqpacket tests.
This bug may be a dupe of bug #1373174
+
+ Note that you need a branch of lp:apparmor
** Description changed:
This is an existing failure that is uncovered by a new test. Note that
this failure only occurs with the dgram tests and passes with the
identical stream and seqpacket tests.
+
+ Note that you need a branch of lp:apparmor at r2715 or newer to
+ reproduce this
** Description changed:
The AF_UNIX unnamed dgram tests that involve a peer label are failing.
Note that only the dgram tests of unix_socket_unnamed.sh result in this
failure. The identical stream and seqpacket tests pass. It seems like
the socket labeling may be applied differently
** Description changed:
The AF_UNIX unnamed dgram tests that involve a peer label are failing.
Note that only the dgram tests of unix_socket_unnamed.sh result in this
failure. The identical stream and seqpacket tests pass. It seems like
the socket labeling may be applied differently
** Changed in: apparmor
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: apparmor
Milestone: None = 2.9.0
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1375516
Title
Patch tested and set to the list:
https://lists.ubuntu.com/archives/apparmor/2014-September/006572.html
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1375516
Title:
** Changed in: apparmor
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1375516
Title:
unix_socket_pathname.sh confined server stream/seqpacket
Committed to lp:apparmor as r2717.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1375516
Title:
unix_socket_pathname.sh confined server stream/seqpacket missing
getopt test fails
I've looked into this more and have determined that it is an old bug and
was not introduced by apparmor 3 RC1. There may be new leaks in apparmor
3 RC1 but there is a basic, fundamental leak on profile reloading
present in the kernel released just before apparmor 3 RC1 landed.
I'll adjust the
Test script to be used for reproducing. (I'm not sure why I have to kick
off the kmemleak scan twice)
** Description changed:
- There are some small kmemleaks that should be addressed.
+ The kmemleak kernel debugging system indicates that AppArmor leaks
+ kernel memory during profile reloads.
+
Output of test.sh script, which includes the kmemleak report.
** Attachment added: test.out
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1375416/+attachment/4222749/+files/test.out
** Summary changed:
- fix some small kmemleaks in apparmor 3 RC1
+ AppArmor leaks kernel memory during
** Description changed:
The kmemleak kernel debugging system indicates that AppArmor leaks
kernel memory during profile reloads.
I've attached a script (test.sh) that I can consistently reproduce the
kmemleak report with.
I've also attached the output of the script, which includes
The reproducer triggers the leak on Trusty (Ubuntu-3.13.0-37.64) but not
Precise (Ubuntu-3.2.0-70.105). I didn't test Lucid.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1375416
Title:
** Description changed:
Running the unix_socket_abstract.sh regression test script in a loop
- results in an AppArmor WARN message in the logs.
+ results in an AppArmor WARN message in the logs. On my test system, it
+ typically takes between 1 and 3 runs of unix_socket_abstract.sh before
+ the
Importance: Medium
Assignee: Tyler Hicks (tyhicks)
Status: Triaged
** Affects: apparmor (Ubuntu)
Importance: Medium
Status: Confirmed
** Affects: linux (Ubuntu)
Importance: Medium
Assignee: Tyler Hicks (tyhicks)
Status: Triaged
** Tags: aa
)
Status: Incomplete = Confirmed
** Changed in: linux (Ubuntu)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: linux (Ubuntu)
Status: Confirmed = Triaged
** Tags added: aa-parser
--
You received this bug notification because you are a member of Kernel
Packages
** Changed in: apparmor
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1384746
Title:
Support multiple versions of AppArmor policy cache files
I'm fairly certain that this is a parser bug and not a kernel bug. The
dfa-states output for the profile profile XYZ { ptrace
peer=@{profile_name}, } changes between 14.04 and 14.10. Also, I can
pull down lp:apparmor and build a parser, on 14.04, that doesn't exhibit
the behavior described in this
As a result of the slave versus make-slave revelation, I've created
two upstream AppArmor bugs. The first is for the AppArmor documentation
being wrong about the acceptable mount option strings (bug #1401619).
The second is for the AppArmor parser accepting unknown mount option
strings (bug
Serge asked me about potentially using an AppArmor umount rule to
prevent forced umounts in the container. After I looked at the AppArmor
parser code, I realized that it doesn't properly support umount rules
(note that mount rules are properly supported). I've created bug
#1403968 to track this
On 2015-02-24 04:32:21, Rocko wrote:
I think it is still useful for ecryptfs to support the btrfs clone ioctl
for the case where both source and target higher files are in the same
ecryptfs mount, since this saves disk space.
I don't like the idea of eCryptfs supporting the clone ioctl by
Thanks for the in-depth triage of this bug, Rocko. As you pointed out, I
can easily reproduce this using cp's --reflink=always option.
I'm marking nautilus as Invalid since this is definitely an eCryptfs
bug. I'll start determining the best way to fix this issue.
** Changed in: nautilus (Ubuntu)
The `cp --reflink=always test test.bak` is always issuing the
BTRFS_IOC_CLONE ioctl, even on non-btrfs filesystems. eCryptfs passes
ioctls down to the lower filesystem but I suspect that it should stop
doing that altogether or possibly only allow a white list of known good
ioctls.
--
You
** Changed in: linux (Ubuntu)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: ecryptfs
Assignee: (unassigned) = Tyler Hicks (tyhicks)
** Changed in: ecryptfs
Importance: Undecided = Critical
--
You received this bug notification because you are a member of Kernel
The Utopic kernel shipped with KASLR support. As kees mentioned, the
kaslr kernel cmdline option can be used to enable it. This is
verifiable by comparing /proc/kallsyms (must be opened as root) with the
System.map shipped with the kernel.
** Changed in: linux (Ubuntu)
Status: Confirmed =
Public bug reported:
I hit this bug as I'm logging in to an encrypted home account after
booting with systemd. It results in a hung system immediately after the
password authentication stage as pam_ecryptfs call mount.ecryptfs to
mount the user's encrypted home directory.
I can't reproduce it in
1 - 100 of 503 matches
Mail list logo
