This bug is annoying in that there isn't a single switch to toggle to work around it. You can pin the feature file but getting the feature file you want requires some editing, or booting into a 4.13 upstream kernel (at which point you loose the other features landed in 4.14).
To pin the features file you will want to edit /etc/apparmor/parser.conf and add #Pin the used features to features-file=/etc/apparmor/features To obtain the features file you can reboot into an upstream 4.13 kernel copy the features file from the cache (remember this will result in loss of other features landed in 4.14) cp /etc/apparmor.d/cache/.features /etc/apparmor/features Or you use the hand edited features 4.14 feature file attached. Remember that once this feature file is set you won't be picking up new features so ideally you will need to remove the feature file pinning at some point in the future. ** Attachment added: "apparmor 4.14 feature file minus network support" https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1721278/+attachment/4975220/+files/features -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1721278 Title: apparmor="DENIED" operation="create" profile="/usr/sbin/cups-browsed" w/ 4.14-rc2 and later To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1721278/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
