Tested this is fixed in cosmic:
$ apt-cache policy ufw
ufw:
Installed: 0.36-0ubuntu0.18.10.1
Candidate: 0.36-0ubuntu0.18.10.1
Version table:
*** 0.36-0ubuntu0.18.10.1 500
500 http://us.archive.ubuntu.com/ubuntu cosmic-proposed/main amd64
Packages
500 http://us.archive.ubunt
Uploaded to disco-proposed.
** Changed in: apparmor (Ubuntu)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1817799
Title:
[FFe]
I've confirmed that the "Could not open '/var/lib/snapd/apparmor/snap-
confine'" is not present in standard install of disco. This was a local
issue.
I've also updated the packaging to remove the "dpkg: warning: unable to
delete old directory '/etc/apparmor.d/cache': Directory not empty"
message.
** Description changed:
[Impact]
This bug is the master bug for a one time SRU of ufw to the new 0.36
release. Typically patches would be individually backported like normal,
but the new 'prepend' command feature is the impetus for this SRU and it
- contains most of the code changes. Ot
FYI, I've reuploaded 0.36 to bionic-proposed and cosmic-proposed after
updating the master bug's description.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1368411
Title:
Can
FYI, I've reuploaded 0.36 to bionic-proposed and cosmic-proposed after
updating this master bug's description.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1811129
Title:
up
** Description changed:
[Impact]
This bug is the master bug for a one time SRU of ufw to the new 0.36
release. Typically patches would be individually backported like normal,
but the new 'prepend' command feature is the impetus for this SRU and it
contains most of the code changes. Ot
I upload 0.6.3-5ubuntu4 for the Depends/Recommends update but expect it
to fail due to the ipset issues. I filed bug 1821596 for that.
** Changed in: firewalld (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packa
I took a look at this and found that:
a) firewalld root-unittests autopkgtests fail when using either iptables 1.6 or
1.8 in release due to https://bugzilla.redhat.com/show_bug.cgi?id=1601610 and
the failure is: "2019-03-24 17:30:19 ERROR: COMMAND_FAILED: '/sbin/ipset add
foobar 10.1.2.0/22' fa
$ ./remove-package -m "1.8.2 abandoned, will wait for 1.8.3 (LP: #1820317)" -s
disco-proposed iptables
Removing packages from disco-proposed:
iptables 1.8.2-4ubuntu1 in disco
iptables 1.8.2-4ubuntu1 in disco amd64
iptables 1.8.2-4ubuntu1 in disco arm64
Are there additional steps that need to occur?
** Changed in: iptables (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1820114
Tit
FYI, I cannot reproduce this with even less memory:
$ iptables --version
iptables v1.6.1
$ free
totalusedfree shared buff/cache available
Mem: 265712 114824 667441024 84144 36024
Swap: 0 0
** Bug watch added: Debian Bug tracker #914694
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914694
** Also affects: iptables (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914694
Importance: Unknown
Status: Unknown
--
You received this bug notification becaus
FYI, disco now has 2.38 (I've updated the description accordingly).
** Description changed:
Feature Freeze exception for AppArmor 2.13.2
The security team is pushing to get AppArmor 2.13 into 19.04 since we
want AppArmor 3 (or higher) in 20.04 and we'd like to update to 2.13.2
to have
Thank you for you report. Please note that for usability a default
ruleset is put in use by design and documented in the ufw(8) man page.
Users are free to fine-tune those defaults for site-specific needs as
described in the ufw-framework(8) man page. As a result option 'a' is
out of scope. Option
** Changed in: iptables (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1820317
Title:
The firewa
** Description changed:
Feature Freeze exception for AppArmor 2.13.2
The security team is pushing to get AppArmor 2.13 into 19.04 since we
- want AppArmor 3 (or higher) in 20.04 and we'd like to incrementally
- update to it to test the new features that are available now and make
- the over
** Changed in: apparmor (Ubuntu)
Status: In Progress => New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1817799
Title:
[FFe] apparmor 2.13
Status in apparmor p
** Description changed:
- FFe paperwork still in progress
-
Feature Freeze exception for AppArmor 2.13.2
The security team is pushing to get AppArmor 2.13 into 19.04 since we
want AppArmor 3 (or higher) in 20.04 and we'd like to incrementally
update to it to test the new features that
Adding an Ubuntu 19.04 task in anticipation of the 2.13.2 upload.
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs
** Description changed:
FFe paperwork still in progress
Feature Freeze exception for AppArmor 2.13.2
The security team is pushing to get AppArmor 2.13 into 19.04 since we
want AppArmor 3 (or higher) in 20.04 and we'd like to incrementally
update to it to test the new features that
** Description changed:
FFe paperwork still in progress
Feature Freeze exception for AppArmor 2.13.2
The security team is pushing to get AppArmor 2.13 into 19.04 since we
want AppArmor 3 (or higher) in 20.04 and we'd like to incrementally
update to it to test the new features that
** Description changed:
FFe paperwork still in progress
Feature Freeze exception for AppArmor 2.13.2
The security team is pushing to get AppArmor 2.13 into 19.04 since we
want AppArmor 3 (or higher) in 20.04 and we'd like to incrementally
update to it to test the new features that
** Attachment added: "upgrade.log"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1817799/+attachment/5245939/+files/upgrade.log
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.lau
Here is the upgrade log. Note that these parser errors are unrelated to
apparmor 2.13 and an issue with the snapd packaging:
AppArmor parser error for /etc/apparmor.d in
/etc/apparmor.d/usr.lib.snapd.snap-confine.real at line 11: Could not open
'/var/lib/snapd/apparmor/snap-confine'
AppArmor par
Here is the sbuild build log
** Attachment added: "apparmor_2.13.2-9ubuntu1_amd64-2019-03-13T21:48:49Z.build"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1817799/+attachment/5245940/+files/apparmor_2.13.2-9ubuntu1_amd64-2019-03-13T21%3A48%3A49Z.build
--
You received this bug noti
** Description changed:
- TODO
+ FFe paperwork still in progress
+
+ Feature Freeze exception for AppArmor 2.13.2
+
+ The security team is pushing to get AppArmor 2.13 into 19.04 since we
+ want AppArmor 3 (or higher) in 20.04 and we'd like to incrementally
+ update to it to test the new feature
There is nothing you need to do. Everything is normal and fine and there
is nothing to fix.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1817527
Title:
ufw status problem
S
Thank you for reporting a bug. What you are seeing is normal and this is
nothing to worry about. The ufw systemd service is not long running but
a oneshot service.
** Changed in: ufw (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
T
...
Installing new version of config file /etc/network/if-up.d/openssh-server ...
dpkg-query: error: parsing file '/var/lib/dpkg/updates/0047' near line 0:
newline in field name '#padding'
[1mdpkg:[0m error processing package openssh-server (--configure):
installed openssh-server package post-i
Public bug reported:
TODO
** Affects: apparmor (Ubuntu)
Importance: Undecided
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: apparmor (Ubuntu)
Sta
FYI, this bug is marked Fix Committed against systemd for bionic, but
there is currently nothing in bionic-proposed.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1771858
T
** Changed in: ufw (Ubuntu Bionic)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu Cosmic)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.lau
** Changed in: ufw (Ubuntu Bionic)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu Cosmic)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.lau
** Changed in: ufw (Ubuntu Bionic)
Status: New => In Progress
** Changed in: ufw (Ubuntu Cosmic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.n
** Changed in: ufw (Ubuntu Bionic)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu Cosmic)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.lau
** Changed in: ufw (Ubuntu Bionic)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu Cosmic)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.lau
** Changed in: ufw (Ubuntu Bionic)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu Cosmic)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.lau
** Description changed:
+ [Impact]
+
+ ufw's 'insert' command is designed to work with 'ufw status numbered' to
+ insert rules in specific places in the ruleset. This makes it more
+ difficult than it should be for using ufw as part of an IPS/dynamic
+ firewall (eg, fail2ban) since if the firewal
** Description changed:
+ [Impact]
+
+ ufw prior to 0.36 did not support locking or use xtables locking which
+ can lead to problems when using ufw as a dynamic firewall.
+
+ [Test Case]
+
+ $ sudo apt-get install python-minimal # for the test script
+ $ sudo ./test_ufw_threads.py # this runs f
** Description changed:
+ [Impact]
+
+ Tab completion is currently broken.
+
+ [Test Case]
+
+ $ ufw
+ allow delete --dry-run --help loggingreset status
+ appdeny enable insert reject route version
+ defaultdisable--forcelimit
** Description changed:
+ [Impact]
+
+ ufw's interface name's or both too strict (this bug) and too loose
+ (iptables has its own limits). Adjust the interface name checks to match
+ those of the kernel.
+
+ [Test Case]
+
+ $ sudo ufw --dry-run allow in on i-1|grep i-1
+ ### tuple ### allow any
** Description changed:
+ [Impact]
+
+ ping6 replies to multicast addresses are mistakenly blocked. ufw used to
+ have correct ordering for these replies, but 0.34 reorganized the icmp
+ rules and reintroduced LP: #720605 (this bug). multicast ping replies
+ are part of the ok icmp codes for INPU
Public bug reported:
[Impact]
This bug is the master bug for a one time SRU of ufw to the new 0.36
release. Typically patches would be individually backported like normal,
but the new 'prepend' command feature is the impetus for this SRU and it
contains most of the code changes. Other bugs fixes
@Matt you have both ufw and firewalld installed and running. You should
disable/remove firewalld. Marking this as 'Invalid' for now, but please
feel free to report back if you still see a bug in ufw after addressing
firewalld.
** Changed in: ufw
Status: Incomplete => Invalid
** Changed in:
This looks to be a local issue:
insserv: warning: script 'K20.depend.boot' missing LSB tags and overrides
insserv: warning: script 'K20.depend.start' missing LSB tags and overrides
insserv: There is a loop at service plymouth if started
insserv: There is a loop between service plymouth and procps
This is fixed in the new 0.36 release.
** Changed in: ufw
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1368411
Title:
Cannot in
This is fixed in the new 0.36 release.
** Changed in: ufw
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1775043
Title:
bash comp
This is fixed in the new 0.36 release.
** Changed in: ufw
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1664133
Title:
ipv6 mult
This is fixed in the new 0.36 release.
** Changed in: ufw
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1633698
Title:
ufw befor
This is fixed in the new 0.36 release.
** Changed in: ufw
Status: Fix Committed => Fix Released
** Changed in: ufw
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, wh
** Changed in: ufw (Ubuntu Disco)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1602834
Title:
obsolete conffiles not cleaned up on upgr
@Matt, there aren't any errors in your journalctl output that I can see.
Without removing the change to /lib/ufw/ufw-init yet, can you reboot
until you see the problem, and then before you correct the issue, can
you attach the output of all of the following:
1. journalctl --no-pager > /tmp/journa
** Also affects: ufw (Ubuntu Disco)
Importance: Undecided
Assignee: Jamie Strandboge (jdstrand)
Status: Triaged
** Changed in: ufw (Ubuntu Disco)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu Disco)
Importance: Undecided => Medium
** Changed in: ufw (
** Package changed: ufw (Ubuntu) => language-selector (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1724793
Title:
Error localization
Status in language-selector pa
The ufw bug is being tracking in bug 1775043. Removing that task.
** No longer affects: ufw (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1792835
Title:
Bash com
** Changed in: ufw (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1749985
Title:
dpkg: error processing package libc-bin (--configure):
*** This bug is a duplicate of bug 910324 ***
https://bugs.launchpad.net/bugs/910324
** This bug has been marked a duplicate of bug 910324
Add directory support for before.rules and after.rules
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
*** This bug is a duplicate of bug 1664133 ***
https://bugs.launchpad.net/bugs/1664133
** This bug has been marked a duplicate of bug 1664133
ipv6 multicast pings don't return
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscrib
This was fixed in 0.35.
** Changed in: ufw (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1155250
Title:
ufw should error
** Also affects: ufw (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: ufw (Ubuntu Disco)
Importance: Medium
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Also affects: ufw (Ubuntu Bionic)
Importance: Undecided
Status: New
in: ufw (Ubuntu Bionic)
Importance: Undecided => Medium
** Changed in: ufw (Ubuntu Disco)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: ufw (Ubuntu Cosmic)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: ufw (Ubuntu Bionic)
ed => Low
** Changed in: ufw (Ubuntu Cosmic)
Importance: Undecided => Low
** Changed in: ufw (Ubuntu Disco)
Importance: Undecided => Low
** Changed in: ufw (Ubuntu Disco)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: ufw (Ubuntu Cosmic)
Assignee:
** Also affects: ufw (Ubuntu Disco)
Importance: Medium
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Also affects: ufw (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: ufw (Ubuntu Bionic)
Importance: Undecided
Status: New
** Package changed: ufw (Ubuntu) => rpcbind (Ubuntu)
** Summary changed:
- package ufw (not installed) failed to install/upgrade: subprocess installed
post-removal script returned error exit status 1
+ failed to install/upgrade: subprocess installed post-removal script returned
error exit statu
** Changed in: ufw (Ubuntu)
Status: Triaged => In Progress
** Changed in: ufw (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
This will be fixed with the new feature for concurrent updates, which is
scheduled for ufw 0.36.
** Changed in: ufw (Ubuntu)
Status: Confirmed => In Progress
** Changed in: ufw (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Also affects: ufw (Ubuntu
** Changed in: ufw
Importance: Undecided => Low
** Changed in: ufw
Importance: Low => Medium
** Changed in: ufw (Ubuntu Disco)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw i
** Changed in: ufw
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1775043
Title:
bash completion not working: uses deprecated have()
Status
This was committed to ufw a while ago and will be in the upcoming 0.36,
which I plan to SRU back to bionic.
** Changed in: ufw
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in
Status: Triaged => Incomplete
** Changed in: ufw
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
** Changed in: ufw (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
** Changed in: ufw (Ubuntu Xenial)
Assignee: Jamie Strandboge (jdstrand) =>
** Changed in: ufw (Ubuntu)
Status: Confirmed => Triaged
** Changed in: ufw (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Also affects: ufw (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: ufw (Ubuntu Disco)
Importance:
** Changed in: ufw
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1368411
Title:
Cannot insert IPV6 rule before IPV4 rules
Status
Thanks for all the feedback! FYI, since '1' in ufw corresponds to the
literal rule number '1', this is going to be implemented with a new
'prepend' command. Eg:
$ sudo ufw allow 22/tcp
$ sudo ufw allow from 1.2.3.4
$ sudo ufw allow from 2001:db8::/32
$ sudo ufw status numbered
...
[1] 22/tcp
** Changed in: ufw
Status: New => In Progress
** Changed in: ufw
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchp
Please note that the various rules files are there for admins to adjust
as needed. However, to work with other programs on the system, I
reiterate that by default ufw will not flush anything it doesn't manage
itself (MANAGE_BUILTINS, as mentioned, controls this behavior). If
someone adds rules to t
I echo ahasenack's question. /etc/letsencrypt/** is pretty broad
(especially if it contains private keys).
Once those details are worked out, updating slapd is conceptually fine.
We may want to consider updating the ssl_certs and ssl_keys abstractions
accordingly if letsencrypt organizing things c
It might be nice to provide this on older LTS releases too.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/1798073
Title:
[SRU] Provide 2018 archive signing key on
** Summary changed:
- expr-simplify optimization slows click policy compilation
+ expr-simplify optimization slows click/snap policy compilation
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to click-apparmor in Ubuntu.
https:
** Bug watch added: Debian Bug tracker #909163
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909163
** Also affects: ufw (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909163
Importance: Unknown
Status: Unknown
--
You received this bug notification because you
I referenced the wrong bug in the evince upload so it didn't auto-close,
but 3.30.0-3ubuntu1 should address this.
** Changed in: evince (Ubuntu Cosmic)
Status: Fix Committed => Fix Released
** Changed in: evince (Ubuntu Trusty)
Status: Triaged => In Progress
** Changed in: evince (
I recommend changing these to be:
# for purple telegram
/etc/telegram-purple/server.tglpub r,
/usr/lib/purple-2/*.so mr,
/usr/share/locale/*/LC_MESSAGES/*.mo r,
/usr/share/pixmaps/pidgin/protocols/{16,32,48}/*.png r,
owner @{HOME}/.telegram-purple/ rw,
owner @{HOME
** Changed in: evince (Ubuntu Cosmic)
Status: Triaged => Fix Committed
** Summary changed:
- Debian/Ubuntu AppArmor policy for evince is useless
+ Debian/Ubuntu AppArmor policy gaps in evince
** Information type changed from Private Security to Public Security
--
You received this bug n
** Changed in: apparmor (Ubuntu Cosmic)
Status: In Progress => Fix Committed
** Changed in: apparmor (Ubuntu Trusty)
Status: Triaged => In Progress
** Changed in: apparmor (Ubuntu Xenial)
Status: Triaged => Fix Committed
** Changed in: apparmor (Ubuntu Bionic)
Status:
https://gitlab.com/apparmor/apparmor/merge_requests/206/ has additional
fixes.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1794848
Title:
private-files-strict and user
https://gitlab.com/apparmor/apparmor/merge_requests/203/ was committed
upstream.
** Changed in: apparmor
Status: In Progress => Fix Released
** Summary changed:
- private-files-strict abstraction should also limit access to directories
+ private-files-strict and user-files abstractions s
Public bug reported:
This is to track the private-files-strict and user-files portion of
https://bugs.launchpad.net/apparmor/+bug/1794820
** Affects: apparmor
Importance: Undecided
Assignee: Jamie Strandboge (jdstrand)
Status: Fix Released
** Affects: apparmor (Ubuntu
I agree with Laurent - ufw already supports gre, gufw just needs to
bubble that up.
** Package changed: ufw (Ubuntu) => gui-ufw
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/17
** Description changed:
- When using apparmor variables for the mountpoint in mount rules, the
+ When using apparmor tunaables for the mountpoint in mount rules, the
parser will parse the rule but the kernel blocks it.
Eg, this works:
- # works
- mount -> /home/*/mnt/,
+ # works
+ m
FYI, this came up in another snapd context in support of snap parallel
installs. It is worked around, but would be nice if this was fixed.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launch
This is in git master now and in the ufw snap in candidate.
** Changed in: ufw
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1204579
Ti
** Package changed: ufw (Ubuntu) => hplip (Ubuntu)
** Changed in: hplip (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1781986
Title
We can't just enable the patches any more because it will change how
snaps that plugs 'pulseaudio' will work. Put concretely, the patches are
meant to detect if the connecting process is a snap and if it is,
unconditionally deny recording. Some snaps that 'plugs: [ pulseaudio ]'
have legitimate use
Public bug reported:
>From https://launchpadlibrarian.net/377100864/buildlog_ubuntu-cosmic-
amd64.pulseaudio_1%3A12.0-1ubuntu1_BUILDING.txt.gz:
...
dh_auto_configure -- --enable-x11 --disable-hal-compat
--libdir=\${prefix}/lib/x86_64-linux-gnu
--with-module-dir=\${prefix}/lib/pulse-12.0/modules
*** This bug is a duplicate of bug 953372 ***
https://bugs.launchpad.net/bugs/953372
@fathi733-gmail - this should've been fixed a long time ago. Anything
you see now should be a new bug. Can you file one at
https://bugs.launchpad.net/ufw/+filebug?
--
You received this bug notification becau
: (unassigned) => Jamie Strandboge (jdstrand)
** Also affects: ufw (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: ufw (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: ufw (Ubuntu Bionic)
Status: New => Triaged
** Changed in:
sounds like exactly what we should be doing.
Thanks for the triage!
** Changed in: ufw (Ubuntu)
Status: New => Triaged
** Changed in: ufw (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Also affects: ufw (Ubuntu Bionic)
Importance: Undecided
Status:
** Package changed: apparmor (Ubuntu) => snapd (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1773515
Title:
apparmour fails after removal of snapd
Status in sn
Note that this is for the chromium snap and it is the snapd package that
provides the apparmor policy for the chromium snap.
Also, the bluez accesses should not be what is preventing the chromium
snap from starting-- these are harmless denials. I've adjusted the title
of the to reflect this. Assig
I tried to reproduce this and was unable to. The apparmor package did
added a Breaks: media-hub, mediascanner2.0, messaging-app, webbrowser-
app because of bug #1756800 and bug #1761176 so I tried upgrades with
and without these installed. Test configurations:
* Ubuntu Desktop default install
* u
301 - 400 of 1885 matches
Mail list logo