[Bug 2069461] Re: AppArmor profiles missing in kernel 5.15 on jammy

Ryan Hill 2069461 at bugs.launchpad.net
Tue Jun 18 14:56:30 UTC 2024 

Problem was mis-identified. Appropriate source for FIPS has changed
leading to the use of an outdated kernel in testing. This issue can be
closed without action

** Changed in: livecd-rootfs (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/2069461

Title:
  AppArmor profiles missing in kernel 5.15 on jammy

Status in livecd-rootfs package in Ubuntu:
  Invalid

Bug description:
  Upcoming Ubuntu Jammy FIPS images will be using the 5.15 kernel.
  During our pre-publication testing the public cloud team noticed
  failures in our snap_preseed_optimized test which checks to ensure
  that snaps are preseeded correctly.

  This test checks the output of `snap debug seeding` to assert `seed-
  completion` is present and not empty.

  ``
  ❯ snap debug seeding
  seeded: true
  preseeded: true
  image-preseeding: 39.367s
  seed-completion: 1.335s
  ```

  If `/var/lib/snapd/seed/seed.yaml` exists it also asserts that
  `preseeded` is present and not empty.

  With the 5.15 kernel this test is failing which indicates a kernel feature mismatch between
  the running kernel and the feature set hard-coded in livecd-rootfs for this image.
  Boot will be slowed by ~200ms until this is resolved in livecd-rootfs.

  This solution is to add a 5.15 apparmor configuration to the jammy
  branch of livecd-rootfs

  [ Impact ]

  Boot will be slowed by ~200ms until this is resolved in livecd-rootfs

  [ Test Plan ]

   * for jammy build any cloud image with preseeded snaps with up to date 5.15 kernel (ec2-pro-fips builds prompted this)
   * boot
   * run `snap debug seeding`
   * assert the test described above passes

  [ Where problems could occur ]

   * If these changes do not resolve the preseeding issue, then a
  feature mismatch will remain as will the ~200ms boot delay. This will
  require further iteration, but no degradation is expected

  [ Other Info ]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2069461/+subscriptions

More information about the foundations-bugs mailing list