Public bug reported:
This concerns apparmor 3.0.4-2ubuntu2 in Ubuntu jammy.
When I run a command like aa-teardown(8), it will mount securityfs on
/sys/kernel/security if this is not already mounted.
On bare metal, this is reasonable. But in a chroot environment, the
command should probably exit without taking any action, not unlike what
systemd does: "Running in chroot, ignoring command 'daemon-reload'".
I see that the functions script already has logic addressing AppArmor in
container environments, but it appears that the chroot scenario has not
been addressed.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
https://bugs.launchpad.net/bugs/1965923
Title:
rc.apparmor.functions should not mount /sys/kernel/security inside a
chroot environment
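Added example, not part of the bug report or of the apparmor package: one way a shell helper could decide whether to mount securityfs, using the same root comparison idea as the systemd behaviour quoted above (our `/` versus PID 1's root). All function names are hypothetical, and treating an undeterminable state as "do nothing" is an assumption of this sketch.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not taken from rc.apparmor.functions.

# Print "device:inode" for a directory; fail if it cannot be read.
root_id() {
    stat -L -c '%d:%i' "$1" 2>/dev/null
}

# in_chroot [OUR_ROOT] [INIT_ROOT]
#   0 = our root differs from PID 1's root (chroot)
#   1 = same root
#   2 = cannot tell (/proc missing, or /proc/1/root unreadable)
in_chroot() {
    ours=$(root_id "${1:-/}") || return 2
    init=$(root_id "${2:-/proc/1/root/.}") || return 2
    [ "$ours" != "$init" ]
}

# securityfs_mounted MOUNTPOINT [MOUNTS_FILE]
securityfs_mounted() {
    awk -v mp="$1" '$2 == mp && $3 == "securityfs" { found = 1 }
                    END { exit !found }' "${2:-/proc/mounts}" 2>/dev/null
}

# securityfs_action MOUNTPOINT [MOUNTS_FILE] [OUR_ROOT] [INIT_ROOT]
# Prints the decision instead of calling mount(8), so it is safe to run.
securityfs_action() {
    if securityfs_mounted "$1" "${2:-/proc/mounts}"; then
        echo already-mounted
        return 0
    fi
    rc=0
    in_chroot "${3:-/}" "${4:-/proc/1/root/.}" || rc=$?
    case $rc in
        0) echo skip-chroot ;;    # leave the host's securityfs alone
        1) echo mount ;;          # bare metal / real root: mounting is fine
        *) echo skip-unknown ;;   # assumption: do nothing when unsure
    esac
}

# Decision for the system this runs on.
securityfs_action /sys/kernel/security
```

Reading `/proc/1/root` requires root privileges, so an unprivileged run reports `skip-unknown`.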