FYI, I copied xenial-focal from the security-proposed ppa to -proposed.
Borrowing from the ubuntu-sru team's SRU verification text:
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed. Your feedback
FYI, a 2.4.3 SRU is in flight (by amurray), but looking at
https://github.com/seccomp/libseccomp/pull/180 (the fix for the bug),
https://github.com/seccomp/libseccomp/issues/187 (2.4.3 backports), and
code inspection, the fix for the bug is not in 2.4.3 and will come in
2.5.
The security team is
Based on https://github.com/flatpak/flatpak/issues/675, this seems like
it would be safe to add to the desktop interface. James Henstridge, can
you comment?
** Bug watch added: github.com/flatpak/flatpak/issues #675
https://github.com/flatpak/flatpak/issues/675
--
You received this bug
FYI, those re-runs passed and the package is green in
https://people.canonical.com/~ubuntu-archive/pending-sru.html. When
ubuntu-sru goes through the queue, this will be published.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
*** This bug is a duplicate of bug 1856738 ***
https://bugs.launchpad.net/bugs/1856738
@Reinhard, you are now hitting bug #1856738 which prevents @{HOME} from
being used in the peer_addr for an abstract socket. For now, I suggest
updating /etc/apparmor.d/abstractions/ibus to have:
unix
Confirmed here as well. Just did a fresh re-install of ubuntu studio
20.04, this is happening out of the box. This is with Sengled bluetooh
speaker/LED lights. I should note, audio connects and works with no
issues. This happens when trying to bind to the bulb's serial port (to
contol dimming).
@xnox - I took a look at the paste from Balint and all the denials seem
to be coming from lxd's policy. I don't know how the autopkgtest's lxd
apparmor policy is setup, but it may need adjusting. Perhaps @stgraber
can comment?
--
You received this bug notification because you are a member of
There is actually an SRU in progress for libseccomp:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1876055.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1868720
Title:
backport time64
The autopkgtest failures seem unrelated. I triggered reruns just now.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1872564
Title:
/proc/sys/kernel/random/boot_id rule missing from
@Marco, this issue is not yet fixed in Focal. Marking back to Fix
Committed.
** Changed in: apparmor (Ubuntu Focal)
Status: Fix Released => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
*** This bug is a duplicate of bug 1879690 ***
https://bugs.launchpad.net/bugs/1879690
Actually, this is 1879690 which is a bug in the Ubuntu kernel.
** Project changed: snapd => linux (Ubuntu)
** Changed in: linux (Ubuntu)
Status: New => Confirmed
** This bug has been marked a
*** This bug is a duplicate of bug 1879690 ***
https://bugs.launchpad.net/bugs/1879690
** This bug is no longer a duplicate of bug 1880025
apparmor="DENIED" on docker container files
** This bug has been marked a duplicate of bug 1879690
Docker registry doesn't stay up and keeps
*** This bug is a duplicate of bug 1872564 ***
https://bugs.launchpad.net/bugs/1872564
** Changed in: mysql-8.0 (Ubuntu)
Status: New => Confirmed
** This bug has been marked a duplicate of bug 1872564
/proc/sys/kernel/random/boot_id rule missing from abstractions/nameservice
--
@Sergio - assuming you are ok with my patch, do you still plan to follow
through on the SRU verification once it is accepted into focal-proposed?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1872564
@Sergio, I didn't see that you uploaded anything to the queue so to
expedite the SRU since there are a number of duplicates, I created a
smaller backport of the fix and uploaded it to focal-proposed just now:
@Till, the boot_id issue is being tracked here:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1872564
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1721704
Title:
Printer settings stuck
*** This bug is a duplicate of bug 1872564 ***
https://bugs.launchpad.net/bugs/1872564
** Changed in: mysql-8.0 (Ubuntu)
Status: New => Confirmed
** This bug has been marked a duplicate of bug 1872564
/proc/sys/kernel/random/boot_id rule missing from abstractions/nameservice
--
I'm not familiar with mysql-workbench-community, but looking at the logs
I see:
May 14 17:44:33 owen-AOD255 kernel: [ 181.312508] audit: type=1400
audit(1589474673.710:1024): apparmor="DENIED" operation="connect"
profile="snap.mysql-workbench-community.mysql-workbench-community"
snapd manages the security policies for snaps (and it will rewrite the
profiles at some point if you modify them yourself). You may install a
snap in devmode which puts apparmor in complain. Eg:
sudo snap install --devmode mysql-workbench-community
** Changed in: apparmor (Ubuntu)
Status:
its not just ifconfig that uses interface labels. many programs use them
for mapping which ip they bind to.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1743200
Title:
No support for interface
I suggest following/participating in the discussion in the forum topic
for snapd/ecosystem updates and use this bug to track chromium-browser's
use of those updates.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This bug is marked fixed release. As I suggested in comment #13, please
file a new bug. This will allow you to use apport to upload any crash
information/etc that will assist developers in fixing this.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Changed in: libseccomp (Ubuntu Focal)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1877633
Title:
libseccomp 2.4.3 (and 2.4.2) is not correctly resolving
Thanks for the debdiff Alex. Uploaded to groovy-proposed.
** Changed in: libseccomp (Ubuntu Groovy)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1877633
Rather than superseding 1:13.99.1-1ubuntu4 in groovy-proposed, I instead
based the changes in 1:13.99.1-1ubuntu5 on top of 1:13.99.1-1ubuntu4 to
address the CVE that was fixed in https://usn.ubuntu.com/4355-1/.
** Also affects: pulseaudio (Ubuntu Groovy)
Importance: High
Assignee:
Uploaded
https://launchpad.net/ubuntu/+source/pulseaudio/1:13.99.1-1ubuntu5 to
groovy based on 1:13.99.1-1ubuntu4 from groovy-proposed.
** Changed in: pulseaudio (Ubuntu Groovy)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
I'll apply the focal patch to what is in groovy-proposed.
** Changed in: pulseaudio (Ubuntu Groovy)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: pulseaudio (Ubuntu Groovy)
Status: Triaged => In Progress
--
You received this bug notification becau
FYI, the upload to bionic-proposed was superseded by
https://usn.ubuntu.com/4355-1/. Please rebase your changes on that and
reupload.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1869819
Title:
FYI, the upload to focal-proposed was superseded by
https://usn.ubuntu.com/4355-1/. Please rebase your changes on that and
reupload.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1876065
Title:
** Changed in: pulseaudio (Ubuntu Groovy)
Importance: High => Medium
** Changed in: pulseaudio (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: pulseaudio (Ubuntu Eoan)
Importance: Undecided => Medium
** Changed in: pulseaudio (Ubuntu Bionic)
Importance: Undecided =>
*** This bug is a duplicate of bug 1872564 ***
https://bugs.launchpad.net/bugs/1872564
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
** This bug has been marked a duplicate of bug 1872564
/proc/sys/kernel/random/boot_id rule missing from abstractions/nameservice
--
FYI, snapcraft can build from universe just fine. I suspect what you are
seeking is official support so openscap can get security support,
therefore USNs, therefore cvescan can get snap USN notifications. In
terms of an existing stable release, IIRC it is not possible to adjust
the override for
*** This bug is a duplicate of bug 1872564 ***
https://bugs.launchpad.net/bugs/1872564
This is a dupe of
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1872564 which,
AIUI, the server team will be performing an SRU for.
** This bug has been marked a duplicate of bug 1872564
** Description changed:
- This was reported via the snapcraft forum:
+ This was reported via the snapcraft forum[1]:
On bionic amd64, libseccomp 2.4.1-0ubuntu0.18.04.2
$ lsb_release -d
Description: Ubuntu 18.04.4 LTS
$ scmp_sys_resolver -a aarch64 163
getrlimit
$
Public bug reported:
This was reported via the snapcraft forum:
On bionic amd64, libseccomp 2.4.1-0ubuntu0.18.04.2
$ lsb_release -d
Description:Ubuntu 18.04.4 LTS
$ scmp_sys_resolver -a aarch64 163
getrlimit
$ scmp_sys_resolver -a aarch64 getrlimit
163
focal amd64, libseccomp
FYI, there is a pending update that will go out either tomorrow or early
next week. Please base your next upload on this update.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1869819
Title:
[SRU]
From
https://bugs.launchpad.net/ubuntu/+source/usbguard/+bug/1855189/comments/2:
"FYI, upstream committed https://github.com/USBGuard/usbguard/pull/378
to address this issue. It is essentially what I mentioned in the bug
description."
If we apply that patch to our usbguard packages, I have no
FYI, upstream committed https://github.com/USBGuard/usbguard/pull/378 to
address this issue. It is essentially what I mentioned in the bug
description.
** Changed in: usbguard (Ubuntu)
Status: Confirmed => Triaged
--
You received this bug notification because you are a member of Ubuntu
Looks great. As an aside, this is exactly why we investigate where the
accesses are coming from. If we didn't, gpsd would've been allowed to
read potentially sensitive data of other processes and load kernel
modules (yikes!).
Thank you for sticking with it :)
--
You received this bug
> # required for pps initialization
> capability dac_read_search,
> capability sys_time,
> /sys/devices/virtual/pps/ r,
> # to submit data to chrony
> ptrace read peer=/usr/sbin/chronyd,
> # for libusb
> /sys/devices/**/usb[0-9]*/** r,
> # triggered on fusercount, not strictly required and unsafe
FYI, in recent PR discussions[1] we've acknowledged that we should make
it easier to allow different URL schemes into snapd and I laid out some
criteria/process ideas on how to make this happen, and I applied that
criteria to the zoommtg PR and it was merged quickly. I discussed with
Samuele that
Julian, I suspect your snap needs to 'plugs: [ unity7 ]' (which is what
allows using dbusmenu) and that you need to 'snap connect prospect-
mail:unity7'. If the interface is already connected, please fil a new
bug and include the policy denials from journalctl corresponding to when
the
I confirmed that https://people.canonical.com/~ubuntu-archive/proposed-
migration/xenial/update_excuses.html shows no autopkgtest regression for
xenial.
I also ran through the TEST CASE for this bug and xenial passed. Marking
verification-done-xenial
** Tags removed: verification-failed-xenial
I confirmed that https://people.canonical.com/~ubuntu-archive/proposed-
migration/bionic/update_excuses.html shows no autopkgtest regression for
bionic.
I also ran through the TEST CASE for this bug and bionic passed. Marking
verification-done-bionic.
** Tags removed: verification-failed
** Description changed:
[Impact]
Ubuntu 16.10 added rudimentary snap support to disable audio recording if the
connecting process was a snap. By Ubuntu 18.04, something changed in the build
resulting in 'Enable Snappy support: no' with audio recording no longer being
mediated by pulseaudio
This entry:
* swap storms kills interactive use (LP: #1861359)
- SAUCE: mm/page_alloc.c: disable memory reclaim watermark boosting by
default
closed this bug, but per latest comments, that isn't sufficient to
address the issue. Putting back to Confirmed.
** Changed in: linux (Ubuntu
FYI, this supposedly fixes the issue with 3.36:
https://github.com/paradoxxxzero/gnome-shell-system-monitor-
applet/pull/564
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1870285
Title:
extension
Seth, I was getting the same error on a Mate 20.04 daily build a few
days ago. It looks like it was fixed in this patch dealing with the
post install:
http://launchpadlibrarian.net/473854613/grub2-signed_1.139_1.140.diff.gz
--
You received this bug notification because you are a member of
Adding a snapd Ubuntu task, marking as In Progress and assigning to mvo
since he is preparing a 20.04 upload.
** Also affects: snapd (Ubuntu)
Importance: Undecided
Status: New
** Changed in: snapd (Ubuntu Focal)
Assignee: (unassigned) => Michael Vogt (mvo)
** Changed in: snapd
The abstraction is meant to cover the client, not systemd internal
specifics. A client simply accessing that DBus API won't need it and a
client simply accessing those sockets won't need it. It very well might
be that a profiled application is using some *ctl command from systemd
that would need
I will update the policy for the write access. I suggest removing the
crash file in /var/crash, then if you see the crash again, file a new
bug with the crash information (eg, apport-cli if on a server) so it can
be analyzed.
--
You received this bug notification because you are a member of
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1871615
Title:
package apparmor 2.13.3-7ubuntu4 failed to install/upgrade: end of
file on stdin at conffile prompt
To manage notifications
Foundations, it seems like unattended-upgrades should be smarter with
conffile changes (honestly, I thought it was)? Note, the security also
saw this in https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1871261.
Is this a regression?
** Also affects: unattended-upgrades (Ubuntu)
Importance:
Per https://launchpadlibrarian.net/473598993/DpkgHistoryLog.txt,
unattended-upgrades is running on this system.
Per
https://launchpadlibrarian.net/473598999/modified.conffile..etc.apparmor.d.abstractions.base.txt,
/etc/apparmor.d/abstraction/base was modified to include:
# adds networking to
Daniel, this is a different cause but same result:
zfs-load-module.service (2ms)
zfs-import-cache.service (8ms)
zfs-import.target
...
var-lib.mount (69ms)
...
snap-multipass-1869.mount (1.358s)
...
apparmor.service (279ms)
...
In this case, apparmor correctly waited for var.lib.mount, but
Adding a snapd bug task.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1871148
Title:
services start before apparmor profiles are loaded
To manage notifications about this bug go to:
FYI, Christian sent up a patch and I responded to it here:
https://www.redhat.com/archives/libvir-list/2020-April/msg00441.html
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1871354
Title:
apparmor
Daniel responded on irc and said after several reboots with the new
apparmor, everything was fine on every boot (though his critical-chain
has var.lib.mount listed).
My attached systemd-analyze plot svg shows that apparmor.service is
indeed starting after var.lib.mount on the VM where the
Here is an 'sudo systemd-analyze plot > ./1871148-vm-no-varlib-
mount.svg' on a focal VM that reports the following critical-chain:
$ sudo systemd-analyze critical-chain apparmor.service
The time when unit became active or started is printed after the "@" character.
The time the unit took to
All that said, Daniel and Jean-Baptiste, I installed 20.04 in a vm and
tried to reproduce this and could not. The apparmor change was about
correctness of the unit so I performed the upload, but I also hoped that
it would address the issue you are seeing.
I'm not certain it will. On one boot,
Marking the zsys task back to New based on my last comment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1871148
Title:
services start before apparmor profiles are loaded
To manage notifications
Seth, the service starts fine if snapd is not installed and the
mountpoint is not present.
$ sudo systemctl status apparmor
● apparmor.service - Load AppArmor profiles
Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor
preset: enabled)
Active: active (exited) since
Now that there are no apparmor denials, this sounds like something for
the server team to take a look at. Can you file a new bug since this one
was used to address the apparmor denials? Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Thank you for reporting a bug and helping to make Ubuntu better.
Based on https://launchpadlibrarian.net/473334677/DpkgTerminalLog.txt:
Preparing to unpack .../archives/ufw_0.36-6_all.deb ...
Unpacking ufw (0.36-6) over (0.36-5) ...
Setting up ufw (0.36-6) ...
Configuration file
** Changed in: apparmor (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1796911
Title:
libnss-systemd was denied talking to pid1
To manage
4.4.1-2.1ubuntu4 was uploaded for the above. Please let us know if it
doesn't fix the issue for you.
** Changed in: isc-dhcp (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
FYI, I submitted https://github.com/snapcore/snapd/pull/8443 for this.
** Changed in: snapd
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1869629
Title:
FYI, I added these accesses in
https://github.com/snapcore/snapd/pull/8443
** Also affects: snapd
Importance: Undecided
Status: New
** Changed in: snapd
Status: New => In Progress
** Changed in: snapd
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You re
.
** Changed in: isc-dhcp (Ubuntu)
Importance: Undecided => High
** Changed in: isc-dhcp (Ubuntu)
Status: New => In Progress
** Changed in: isc-dhcp (Ubuntu)
Milestone: None => ubuntu-20.04
** Changed in: isc-dhcp (Ubuntu)
Assignee: (unassigned) => Jamie Strandbo
I uploaded 2.13.3-7ubuntu4 to address this:
https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu4
There might be other fixes for zsys, but this should address the issue
in snapd. It is currently in unapproved, but a member of the release
team will hopefully approve it soon.
** Changed
** Changed in: snapd
Status: In Progress => Fix Released
** Changed in: snapd (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1848919
Title:
* Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1848919
Title:
[snap] Permission denied on Private encr
** Changed in: apparmor (Ubuntu)
Status: New => Fix Committed
** Changed in: apparmor (Ubuntu)
Status: Fix Committed => In Progress
** Changed in: apparmor (Ubuntu)
Importance: Undecided => High
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Jami
** Changed in: apparmor (Ubuntu)
Status: Confirmed => In Progress
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: apparmor (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are
pparmor (Ubuntu Focal)
Importance: Undecided => Critical
** Changed in: apparmor (Ubuntu Focal)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launc
I cannot reproduce this.
$ sudo ufw allow 22
$ sudo ufw enable
$ sudo iptables-save && echo SUCCESS
...
SUCCESS
I can see in the output:
$ sudo iptables-save|grep ufw-user-output
:ufw-user-output - [0:0]
-A ufw-before-output -j ufw-user-output
There seems to be something on your system that is
Users seeing this issue should modify IPT_MODULES in /etc/defaults/ufw
to be empty. Ubuntu 20.04 will do this be default and future releases of
ufw will introduce rule syntax for working with helper rules.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
The linux task can be marked as Fix Released since
net/netfilter/nf_conntrack_helper has defaulted to 0 since 4.7.
** Changed in: ufw (Ubuntu)
Status: Triaged => In Progress
** Changed in: linux (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification
; 2.45
** Changed in: snapd
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1869629
Title:
please add /etc/mdns.allow to /etc/a
p already has read/write access to these directories when
/system-data is not prepended. I've taken a todo to send up a PR for
this.
** Also affects: snapd
Importance: Undecided
Status: New
** Changed in: snapd
Status: New => Triaged
** Changed in: snapd
Assignee: (unassigned) =>
Is this a duplicate of
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1865063?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1866932
Title:
package snapd 2.44~pre1+20.04 failed to
I wonder if this is related to
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1865063?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1867952
Title:
package snapd 2.44+20.04 failed to
After happening every day for a week, this hasn't happened again since I
logged this bug.
I also disabled Firefox WebRender so maybe that was a contributor.
I'll re-open if I can provide any useful data.
** Changed in: xserver-xorg-video-ati (Ubuntu)
Status: New => Incomplete
--
You
I'm sorry, I misspoke. I accidentally used a cached focal livecd iso
instead of today's. With today's, I do *not* see this issue. Install is
successful and afterward, preinstalled snaps are present and the 'snap
wait system seed.loaded' does not appear in ps.
--
You received this bug
I reproduced my comment #12 just now with today's iso.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865063
Title:
snapd package hangs on deb postinst
To manage notifications about this bug go
S %CPU %MEM TIME+ COMMAND
200286 jamie 20 0 9007480 4.2g 159064 S 0.0 27.3 6:36.74 Web
Content
410962 libvirt+ 20 0 3428276 572112956 S 0.0 3.5 0:16.71
qemu-system-+
199841 jamie 20 0 3704896 502596 138168 S 2.7 3.1 34:35.49
firefox-bin
** Changed in: snapd
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
** Changed in: snapd
Status: Triaged => Fix Committed
** Changed in: apparmor-profiles
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bu
I also see this after a recent focal upgrade. Seems related to the
3.35.91 gnome-shell stack upgrade.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865342
Title:
Error: Tried to construct an
I tried today's amd64 daily (http://cdimage.ubuntu.com/daily-
live/current/) in a vm and found that this never seemed to return:
root 499 0.2 0.8 639712 22456 ?Ssl 12:04 0:00
/usr/bin/snap wait system seed.loaded
If I kill that process, then the install proceeds (but on
Actually, I saw that 'snap wait system seed.loaded' on first boot, not
during the install (sorry)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865063
Title:
snapd package hangs on deb postinst
: In Progress => Invalid
** Changed in: iptables (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
** Changed in: iptables (Ubuntu)
Importance: Medium => Undecided
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubun
We've discussed this in the past and it was determined that 'aa-status'
is to be part of every apparmor minimal install (which is why it is in
apparmor and all the other python tools are in apparmor-utils) so
splitting out of apparmor-minimal doesn't really work with this
thinking.
Perhaps moving
/alternatives is setup ok:
$ ls -l /etc/alternatives/ip6tables
lrwxrwxrwx 1 root root 26 Mar 2 10:12 /etc/alternatives/ip6tables ->
/usr/sbin/ip6tables-legacy
This breaks, for example, ufw when the system is setup for nft.
** Affects: iptables (Ubuntu)
Importance: Medium
Assignee: Ja
pulseaudio is deprecated now in favor of audio-playback, but audio-
playback has:
/etc/pulse/* r,
and pulseaudio has:
/etc/pulse/** r,
We need to adjust the audio-playback interface to have '**'. I'll be
doing this in my next batch of policy updates (likely next week).
--
You received
** Changed in: snapd
Status: New => Triaged
** Changed in: snapd
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865282
Title:
** Changed in: iptables (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: iptables (Ubuntu)
Status: Confirmed => Triaged
** Changed in: iptables (Ubuntu)
Status: Triaged => In Progress
** Changed in: iptables (Ubuntu)
Status: In
** Changed in: apparmor (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1861250
Title:
Apparmor error failed to start profiles
To manage notifications about
I'm Not 100% sure it's the same issue but there are many similarities to
the original issue.
My issue only happens after after I try to wake the laptop from sleep.
What I've been encountering:
1. Boot computer, boot proceeds normally, can log-in, all is good.
2. Suspend laptop
3. On wake, just
Seth, I suspect if you stop the snap and restart it, these errors will
go away.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864127
Title:
apparmor denies ~/snap/chromium/ writes
To manage
$ aa-decode
2F686F6D652F7361726E6F6C642F736E61702F6368726F6D69756D2F313032362F2E636F6E6669672F6368726F6D69756D2F44656661756C742F53796E6320446174612F53796E63446174612E73716C697465332D6A6F75726E616C
Decoded: /home/sarnold/snap/chromium/1026/.config/chromium/Default/Sync
201 - 300 of 21217 matches
Mail list logo