[Touch-packages] [Bug 2039294] Re: apparmor docker

Sat, 18 Nov 2023 11:35:52 -0800 

Great job, just to be clear copied the same dmesg line from earlier as
it was a bit time consuming to move from virtual machine.

runc needs to be able to send any signal.


[35885.316617] audit: type=1400 audit(1700335230.173:423510): apparmor="DENIED" 
operation="signal" class="signal" profile="docker-default" pid=61658 
comm="runc" requested_mask="receive" denied_mask="receive" signal=term 
peer="/usr/sbin/runc"
[35901.315862] audit: type=1400 audit(1700335246.173:423952): apparmor="DENIED" 
operation="signal" class="signal" profile="docker-default" pid=61744 
comm="runc" requested_mask="receive" denied_mask="receive" signal=kill 
peer="/usr/sbin/runc"
[35920.822695] audit: type=1400 audit(1700335265.681:424397): apparmor="DENIED" 
operation="signal" class="signal" profile="docker-default" pid=62025 
comm="runc" requested_mask="receive" denied_mask="receive" signal=int 
peer="/usr/sbin/runc"

Is any action required from me?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2039294

Title:
  apparmor docker

Status in apparmor package in Ubuntu:
  Incomplete

Bug description:
  No LSB modules are available.
  Distributor ID: Ubuntu
  Description:    Ubuntu 23.10
  Release:        23.10
  Codename:       mantic

  
  Docker version 24.0.5, build 24.0.5-0ubuntu1

  
  Graceful shutdown doesn't work anymore due to SIGTERM and SIGKILL (maybe all 
signals?) doesn't reach the target process. Works when apparmor is uninstalled.

  
  [17990.085295] audit: type=1400 audit(1697213244.019:981): apparmor="DENIED" 
operation="signal" class="signal" profile="docker-default" pid=172626 
comm="runc" requested_mask="receive" denied_mask="receive" signal=term 
peer="/usr/sbin/runc"
  [17992.112517] audit: type=1400 audit(1697213246.043:982): apparmor="DENIED" 
operation="signal" class="signal" profile="docker-default" pid=172633 
comm="runc" requested_mask="receive" denied_mask="receive" signal=kill 
peer="/usr/sbin/runc"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2039294/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to