** Description changed:
+ [ Impact ]
+
+ * An explanation of the effects of the bug on users and
+
+ * justification for backporting the fix to the stable release.
+
+ * In addition, it is helpful, but not required, to include an
+ explanation of how the upload fixes this bug.
+
+ [ Test Plan ]
+
+ * detailed instructions how to reproduce the bug
+
+ * these should allow someone who is not familiar with the affected
+ package to reproduce the bug and verify that the updated package fixes
+ the problem.
+
+ * if other testing is appropriate to perform before landing this update,
+ this should also be described here.
+
+ [ Where problems could occur ]
+
+ * Think about what the upload changes in the software. Imagine the change is
+ wrong or breaks something else: how would this show up?
+
+ * It is assumed that any SRU candidate patch is well-tested before
+ upload and has a low overall risk of regression, but it's important
+ to make the effort to think about what ''could'' happen in the
+ event of a regression.
+
+ * This must '''never''' be "None" or "Low", or entirely an argument as to why
+ your upload is low risk.
+
+ * This both shows the SRU team that the risks have been considered,
+ and provides guidance to testers in regression-testing the SRU.
+
+ [ Other Info ]
+
+ * Anything else you think is useful to include
+ * Anticipate questions from users, SRU, +1 maintenance, security teams and
the Technical Board
+ * and address these questions in advance
+
+ [ Original Description ]
+
ubuntu-advantage-tools 32.3~18.04 is causing a new apparmor denial on
Bionic when updating:
[ 8091.769560] audit: type=1400 audit(1717273124.410:121):
apparmor="DENIED" operation="open" profile="ubuntu_pro_esm_cache//dpkg"
name="/var/lib/dpkg/arch" pid=10358 comm="dpkg" requested_mask="r"
denied_mask="r" fsuid=0 ouid=0
Fix:
--- /etc/apparmor.d/ubuntu_pro_esm_cache.orig 2024-06-01 22:31:28.276735437
+0200
+++ /etc/apparmor.d/ubuntu_pro_esm_cache 2024-06-01 22:31:07.163884846
+0200
@@ -174,6 +174,8 @@
-
- /etc/dpkg/** r,
-
+
+ /etc/dpkg/** r,
+
+ /var/lib/dpkg/** r,
+
- /{,usr/}bin/dpkg mr,
-
- }
+ /{,usr/}bin/dpkg mr,
+
+ }
** Also affects: ubuntu-advantage-tools (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: ubuntu-advantage-tools (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: ubuntu-advantage-tools (Ubuntu Oracular)
Importance: Undecided
Assignee: Andreas Hasenack (ahasenack)
Status: In Progress
** Also affects: ubuntu-advantage-tools (Ubuntu Mantic)
Importance: Undecided
Status: New
** Also affects: ubuntu-advantage-tools (Ubuntu Noble)
Importance: Undecided
Status: New
** Also affects: ubuntu-advantage-tools (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: ubuntu-advantage-tools (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: ubuntu-advantage-tools (Ubuntu Xenial)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: ubuntu-advantage-tools (Ubuntu Bionic)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: ubuntu-advantage-tools (Ubuntu Focal)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: ubuntu-advantage-tools (Ubuntu Jammy)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: ubuntu-advantage-tools (Ubuntu Mantic)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: ubuntu-advantage-tools (Ubuntu Noble)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: ubuntu-advantage-tools (Ubuntu Xenial)
Status: New => In Progress
** Changed in: ubuntu-advantage-tools (Ubuntu Bionic)
Status: New => In Progress
** Changed in: ubuntu-advantage-tools (Ubuntu Focal)
Status: New => In Progress
** Changed in: ubuntu-advantage-tools (Ubuntu Jammy)
Status: New => In Progress
** Changed in: ubuntu-advantage-tools (Ubuntu Mantic)
Status: New => In Progress
** Changed in: ubuntu-advantage-tools (Ubuntu Noble)
Status: New => In Progress
** Changed in: ubuntu-advantage-tools (Ubuntu Xenial)
Importance: Undecided => Medium
** Changed in: ubuntu-advantage-tools (Ubuntu Bionic)
Importance: Undecided => Medium
** Changed in: ubuntu-advantage-tools (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: ubuntu-advantage-tools (Ubuntu Jammy)
Importance: Undecided => Medium
** Changed in: ubuntu-advantage-tools (Ubuntu Mantic)
Importance: Undecided => Medium
** Changed in: ubuntu-advantage-tools (Ubuntu Noble)
Importance: Undecided => Medium
** Changed in: ubuntu-advantage-tools (Ubuntu Oracular)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2067810
Title:
New Apparmor denial with ubuntu-advantage-tools on bionic
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067810/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
