AppArmor's signal handling is a bit more involved than e.g. capabilities
or file accesses: both the sender profile and receiver profile need to
have signal rules to allow sending the signal or receiving the signal,
as appropriate.

23.10 and 24.04 LTS have introduced restrictions on unprivileged
namespaces to try to mitigate against kernel exploits. The details have
changed between 23.10 and 24.04 LTS, so it's possible that upgrading to
24.04 LTS will be sufficient to fix this -- especially if the AppArmor
profiles have been updated during the development cycle.

I'm not sure what exactly to suggest as I don't know the various kinds
of Docker available, where the profiles live, etc. But hopefully these
hints will help you get to a fix.

Thanks

-- 
https://bugs.launchpad.net/bugs/2063099

Title:
  Stopping container signal blocked by AppArmor on Ubuntu
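
The sender/receiver rule pairing described in the message above can be worked out from the kernel's AppArmor denial records. The following is an added example, not part of the original message or of Docker's or Ubuntu's code: it parses audit lines for `operation="signal"` denials and prints the `signal` rule missing from each profile. The log lines, and the profile names `docker-default` and `runc`, are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample audit lines (not from the bug report); profile/peer names are assumptions.
SAMPLE_LOG = """\
audit: type=1400 audit(1713800000.101:211): apparmor="DENIED" operation="signal" class="signal" profile="docker-default" pid=4242 comm="runc" requested_mask="receive" denied_mask="receive" signal=term peer="runc"
audit: type=1400 audit(1713800000.102:212): apparmor="DENIED" operation="signal" class="signal" profile="runc" pid=4242 comm="runc" requested_mask="send" denied_mask="send" signal=kill peer="docker-default"
audit: type=1400 audit(1713800000.103:213): apparmor="DENIED" operation="open" class="file" profile="docker-default" name="/proc/1/status" pid=4300 comm="cat" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
audit: type=1400 audit(1713800000.104:214): apparmor="DENIED" operation="signal" class="signal" profile="docker-default" pid=4242 comm="runc" requested_mask="receive" denied_mask="receive" signal=term peer="runc"
"""

# key="quoted value" or key=bare_value
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_fields(line):
    """Turn one audit line into a dict of its key=value fields."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in FIELD.finditer(line)}


def signal_denials(log):
    """Return the parsed records that are AppArmor signal denials."""
    records = (parse_fields(line) for line in log.splitlines())
    return [r for r in records
            if r.get("apparmor") == "DENIED" and r.get("operation") == "signal"]


def missing_rules(log):
    """Map each profile to the signal rules its denials call for.

    denied_mask is "send" when the sender's profile lacks the rule and
    "receive" when the receiver's profile lacks it; peer is the other side.
    """
    rules = defaultdict(set)
    for r in signal_denials(log):
        rule = f'signal ({r["denied_mask"]}) set=({r["signal"]}) peer={r["peer"]},'
        rules[r["profile"]].add(rule)
    return {profile: sorted(found) for profile, found in rules.items()}


if __name__ == "__main__":
    for profile, found in missing_rules(SAMPLE_LOG).items():
        print(f"profile {profile}:")
        for rule in found:
            print(f"    {rule}")
```

Each denial record names only the profile it was logged against, so after adding a rule to one side, reload the profile and check the log again for a denial on the peer.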
