APPLIED: [SRU Bionic/Focal 0/1] lxd exec fails
Stefan Bader
stefan.bader at canonical.com
Fri Jul 2 08:55:04 UTC 2021
On 30.06.21 20:35, Thadeu Lima de Souza Cascardo wrote:
> BugLink: https://bugs.launchpad.net/bugs/1934187
>
> [Impact]
> lxd will not work, as lxc exec is not able to set the apparmor confinement and bails out executing inside the container.
>
> [Fix]
> Revert upstream commit bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 ("proc: Check /proc/$pid/attr/ writes against file opener").
>
> [Test case]
> lxd basic usage test suite was run.
> On a 4.15 kernel, the whole lxd autopkgtest was run.
>
> [Potential regression]
> Unprivileged use of PID attributes may be permitted when they shouldn't.
>
>
> Thadeu Lima de Souza Cascardo (1):
> UBUNTU: SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against
> file opener"
>
> fs/proc/base.c | 4 ----
> 1 file changed, 4 deletions(-)
>
Applied to focal+bionic:linux/master-prep. Note that for Bionic cranking will be
delayed a bit. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20210702/dab33c17/attachment.sig>
More information about the kernel-team
mailing list