ufw requirements not met by goldfish config
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-goldfish (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I ran the security image tests under the x86 emulator and discovered that the kernel configuration is not sufficient to use ufw. Granted, using ufw under the x86 touch emulator is itself a bit of a corner case, however, there shouldn't be a reason to exclude these netfilter options and if the emulator is going to become a touch image smoke test target (eg, http://
Steps to reproduce:
1. create and start the emulator (use --revision=NN with 'create' when using already downloaded images in $HOME/emulator ubuntu-emulator). Eg:
$ sudo XDG_CACHE_
$ ubuntu-emulator run --scale=0.5 test_x86
2. run the check-requirements script:
$ adb shell /usr/share/
hashlimit: FAIL
limit: FAIL
ctstate (new, recent set): FAIL (no runtime support)
ctstate (new, recent update): FAIL (no runtime support)
ctstate (new, limit): FAIL
multiport: FAIL
comment: FAIL
addrtype (LOCAL): FAIL
addrtype (MULTICAST): FAIL
addrtype (BROADCAST): FAIL
hashlimit: FAIL
limit: FAIL
ctstate (new, recent set): FAIL (no runtime support)
ctstate (new, recent update): FAIL (no runtime support)
ctstate (new, limit): FAIL
multiport: FAIL
comment: FAIL
icmpv6 with hl (neighbor-
icmpv6 with hl (neighbor-
icmpv6 with hl (router-
icmpv6 with hl (router-
ipv6 rt: FAIL
This easiest thing to do would be to use the same netfilter options as on generic or mako.
description: | updated |
This is still affecting goldfish with:
Linux version 3.4.0-4-goldfish (buildd@aatxe) (gcc version 4.7.4 (Ubuntu/Linaro 4.7.4-1ubuntu2) ) #20-Ubuntu PREEMPT Thu Jul 17 17:11:34 UTC 2014
These tests are part of smoke testing, so if goldfish is ever going to be used as part of smoketesting, this will need to be fixed.