Public bug reported:
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Sandboxing
https://wiki.debian.org/ServiceSandboxing
Fedora is probably going forward with this.
https://fedoraproject.org/wiki/Changes/SystemdSecurityHardening
~$ systemd-analyze security
The
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2046624
Title:
apparmor breaks surfshark vpn
Status
aa-status
apparmor module is loaded.
100 profiles are loaded.
31 profiles are in enforce mode.
/usr/bin/man
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/NetworkManager/nm-dhcp-helper
/usr/lib/connman/scripts/dhclient-script
/usr/lib/cups/backend/cups-pdf
With apparmor
*grep 'network' /etc/apparmor.d/ab*/*
/etc/apparmor.d/abi/3.0:network {af_unix {yes
/etc/apparmor.d/abi/3.0:network_v8 {af_mask {unspec unix inet ax25 ipx
appletalk netrom bridge atmpvc x25 inet6 rose netbeui security key netlink
packet ash econet atmsvc rds sna irda pppox
** Bug watch added: github.com/codepayne/linux-sound-huawei/issues #26
https://github.com/codepayne/linux-sound-huawei/issues/26
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
No apparmor still but i will include
*grep 'network' /etc/apparmor.d/ab*/*
grep: /etc/apparmor.d/abstractions/base.d: Is a directory
/etc/apparmor.d/abstractions/libvirt-qemu: network inet stream,
/etc/apparmor.d/abstractions/libvirt-qemu: network inet6 stream,
Thank you! I reported it to technical support, I hope they will fix it
in the right way.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/2046367
Title:
AlphaSSL
After reboot with apparmor active
* systemctl status surfsharkd2.service
● surfsharkd2.service - Surfshark Daemon2
Loaded: loaded (/lib/systemd/system/surfsharkd2.service; enabled; preset:
enabled)
Active: active (running) since Sat 2023-12-16 13:30:24 MST; 1min 12s ago
Main
journalctl -b -1 -g DENIED --no-pager
-- No entries --
┌───>
│~
└─> journalctl -b -1 -g ALLOWED --no-pager
-- No entries --
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
Public bug reported:
My Dell XPS 15 has a touchscreen. If I use the touchscreen, at some
point the computer will completely lock up.
ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: xorg 1:7.7+23ubuntu2
ProcVersionSignature: Ubuntu 6.5.0-14.14-generic 6.5.3
Uname: Linux 6.5.0-14-generic
With kernel 6.7 there will finally be support for Everest sound cards also for
AMD CPUs thanks to the AWESOME work of Marian Postevca (aka codepayne).
More info here: https://patchwork.kernel.org/comment/25504908/
You can already try it by installing the release candidates but pay attention:
-
Public bug reported:
While selecting the best mirror in software-properties-qt, there's a
traceback:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/softwareproperties/qt/DialogMirror.py",
line 227, in on_report_progress
self.dialog.setValue(frac*100)
TypeError:
So you eventually upgraded both raspis to 23.10? I find it hardly
surprising it works as mantic has a newer upstream release of systemd
253.5 which has the fix I linked to above for ignoring unmanaged
interfaces. Does not help for the LTS release (jammy) though.
--
You received this bug
Can you include the output of
sudo dmesg | grep DENIED
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2046624
Title:
apparmor breaks surfshark vpn
Status in apparmor
My shotgun approach may seem unorthodox but I've been frustrated since I
am confident the systemd update created this issue. However, I withdraw
my hesitation to use the word arbitrary. :D
Data point 1: Imaged a vanilla RPI4 with Ubuntu 22.04. The only thing I
changed was the netplan config to
Indeed. I would have preferred to remain on LTS.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2036358
Title:
systemd wait-online now times out after jammy and lunar
16 matches
Mail list logo