Public bug reported:
After stgraber reported unexpected AppArmor denials when lxc was trying
to pivot_root(), I wrote some tests for AppArmor's regression test
suite.
The pivot_root syntax looks like this:
[audit] [deny] pivot_root [oldroot=put_old] [new_root] [->
new_profile],
If [oldroot=put_old] or [new_root] are specified, AppArmor always denies
the pivot_root(). I've verified this to be the case in Trusty and 12.04
LTS.
** Affects: apparmor (Ubuntu)
Importance: Medium
Assignee: John Johansen (jjohansen)
Status: Triaged
** Tags: kernel-bot-stop-nagging
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1305244
Title:
AppArmor always denies pivot_root when mediation rules contain put_old
or new_root
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1305244/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
