** Description changed: + [ Impact ] + + * Fix autopkgtests on armhf that fail due to Canonical infrastructure + disallowing apparmor access + + [ Test Plan ] + + * without the patch, autopkgtests fail on armhf due to lacking access to the apparmor api because of permission restrictions in the testing container + * with the applied patch, armhf tests can succeed + + [ Where problems could occur ] + + * this just changes the test, no change is expected in the resulting + binary packages. + + [ Analysis ] + The armhf DEP8 testers in Ubuntu infrastructure have some restrictions and cannot change an apparmor profile. This is causing the tests to fail, because they try to make sure rsyslog is being tested in enforced mode: Enforcing the /etc/apparmor.d/usr.sbin.rsyslogd apparmor profile Setting /etc/apparmor.d/usr.sbin.rsyslogd to enforce mode. ERROR: /sbin/apparmor_parser: Unable to replace "rsyslogd". Permission denied; attempted to load a profile while confined? The package migrated to lunar even with this error because it never had DEP8 tests before, and the armhf baseline was born in this error state. These are the LXD settings used for armhf containers: https://git.launchpad.net/autopkgtest- cloud/tree/charms/focal/autopkgtest-cloud-worker/autopkgtest- cloud/tools/armhf-lxd.userdata#n76 I created an armhf container on a pi4 host (arm64) with these settings, but couldn't reproduce the issue there. There is something else going on in the autopkgtest infra regarding arhmf. FTR, I created the container like this: lxc launch ubuntu-daily:lunar pi4:l-armhf \ -c raw.lxc="apparmor.profile=unconfined" \ -c raw.lxc="seccomp.profile=" \ -c security.nesting=true EDIT: hm, the above actually doesn't work. Only the last raw.lxc value is used. See https://blog.simos.info/how-to-add-multi-line-raw-lxc- configuration-to-lxd/ But still, apparmor works just fine. There is some other setup going on in the autopkgtest infrastructure.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2008393 Title: armhf dep8 failure due to restrictions changing apparmor profile status To manage notifications about this bug go to: https://bugs.launchpad.net/auto-package-testing/+bug/2008393/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
