Hi again John,
I managed to fix most of the denials now, and slack successfully starts
up (still quite a few denies, but most can be explained). Took quite a
few new rules. Thank you for your help and insight on this.
I'll post updates as soon as I have them. I need to find the proper
interfaces
Hi John,
Thank you for sharing your thoughts on this. I'll try to look into
experimenting with adding getattr in the seccomp profiles and
investigating the paths it accesses. I'll share if I figure something
out as well.
--
You received this bug notification because you are a member of Kernel
Hi John!
After adding the missing rule for /run/user/1000/doc/, those namespace
issues are now gone. However slack still fails to start, with the
following dmesg output:
https://paste.ubuntu.com/p/bbcWZG6qQP/
--
You received this bug notification because you are a member of Kernel
Packages,
I reran the test with printk_ratelimit set to 0
https://paste.ubuntu.com/p/cSWg8vJHjB/
It seems there are denials related to the /run/user after changing the
ratelimit
[ 414.009909] audit: type=1400 audit(1675760471.797:304): apparmor="DENIED"
operation="getattr" class="file"
Yes, sorry.
https://paste.ubuntu.com/p/5w4f6w5CpG/
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1991691
Title:
cannot change mount namespace
Status in Linux:
New
Status in linux
I've been trying to reproduce this on a few different kernels now, I can
not reproduce this with
The default 5.19 kernel that 22.10 comes with (official images, after updating).
The latest mainline 6.1.10 kernel release.
I have 2.58 snapd installed, and on both I can start slack.
I can however
6 matches
Mail list logo
