Should I try to update kernel on production machine ? Il giorno 07/nov/2013, alle ore 16:48, Serge Hallyn <[email protected]> ha scritto:
> Great news - libvirt bug 1248577 is also fixed with this kernel! > > Thanks, John. > > -- > You received this bug notification because you are subscribed to a > duplicate bug report (1248577). > https://bugs.launchpad.net/bugs/1236455 > > Title: > Running tasks are not subject to reloaded policies > > Status in “apparmor” package in Ubuntu: > Confirmed > Status in “apparmor” source package in Saucy: > Confirmed > Status in “apparmor” source package in Trusty: > Confirmed > > Bug description: > As of saucy, if you start /usr/bin/foo under an existing policy defined > in /etc/apparmor.d/usr.bin.foo, then reload /etc/apparmor.d/usr.bin.foo > with updated permissions, then the running tasks is not subject to the > new permissions. > > A testcase is at http://people.canonical.com/~serge/aa_exec.tgz . This > passes in precise, and fails in saucy. > > This came up in the libvirt regression testsuite. When it tries to > virsh attach-device, then the existing libvirt task's policy must be > updated to allow it to access the new device image file. The test fails > with EACCESS trying to open the image file after loading the new policy. > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1236455/+subscriptions Ing. Luca Lazzeroni - Trend Servizi Srl Responsabile R&D http://www.trendservizi.it -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1236455 Title: Running tasks are not subject to reloaded policies To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1236455/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
