Activity log for bug #1214979

Date Who What changed Old value New value Message
2013-08-21 15:36:40 Serge Hallyn bug added bug
2013-08-21 15:37:17 Serge Hallyn apparmor (Ubuntu): status New Confirmed
2013-08-21 17:01:00 Tim Gardner nominated for series Ubuntu Precise
2013-08-21 17:01:00 Tim Gardner bug task added apparmor (Ubuntu Precise)
2013-08-21 17:01:24 Tim Gardner apparmor (Ubuntu Precise): status New In Progress
2013-08-21 17:01:24 Tim Gardner apparmor (Ubuntu Precise): assignee Tim Gardner (timg-tpi)
2013-08-21 17:06:45 Tim Gardner attachment added This is a minimal fix to apparmor 2.8 for cache failures when the feature file is larger than the feature buffer used for cache version comparison. https://bugs.launchpad.net/ubuntu/precise/+source/apparmor/+bug/1214979/+attachment/3780927/+files/0041-parser-fix-flags.patch
2013-08-21 17:08:26 Tim Gardner apparmor (Ubuntu): status Confirmed Fix Released
2013-08-26 16:35:14 Tim Gardner apparmor (Ubuntu Precise): status In Progress Fix Committed
2013-08-27 00:58:06 Seth Arnold attachment added apparmor_2.7.102-0ubuntu3.9.debdiff https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1214979/+attachment/3789224/+files/apparmor_2.7.102-0ubuntu3.9.debdiff
2013-08-27 01:08:03 Seth Arnold description The 0041-parser-fix-flags.patch patch from saucy's apparmor needs to be cherrypicked to precise. Without it, using the saucy upstream kernel, installing lxc gives me a "Feature buffer full" error message, and lxc postinst fails. [Impact] * Users running Saucy or newer kernels on 12.04 LTS release cannot load AppArmor profiles due to a fixed-size buffer in the apparmor_parser binary. * As a result of this failure, lxc could not install, and no programs would run confined, when a user installed a Saucy or newer kernel. * This upload cherry picks a fix from Saucy that increases the size of the fixed buffer from 1024 to 8192 bytes. This is expected to be large enough. [Test Case] * apt-add-repository ppa:ubuntu-x-swat/s-lts-backport apt-get update apt-get install linux-generic-lts-saucy shutdown -r now /etc/init.d/apparmor reload apt-get install lxc aa-status * Without the fix, the reload and install lxc commands should fail, and aa-status would report no loaded profiles. With the fix, the reload and install lxc commands succeed, and aa-status reports many loaded profiles. [Regression Potential] * If a future kernel requires more than 8192 bytes of buffer to describe features, this will again break. The AppArmor 3.0 upstream release is expected to dynamically allocate the size of this buffer if the buffer should again prove to be too small, and such a hypothesized patch can be cherry-picked again. [Other Info] * I revalidated this bug as well as 982619, 987578, and 1091642. Thanks Seth Arnold [Original report] The 0041-parser-fix-flags.patch patch from saucy's apparmor needs to be cherrypicked to precise. Without it, using the saucy upstream kernel, installing lxc gives me a "Feature buffer full" error message, and lxc postinst fails.
2013-08-27 02:35:21 Seth Arnold description [Impact] * Users running Saucy or newer kernels on 12.04 LTS release cannot load AppArmor profiles due to a fixed-size buffer in the apparmor_parser binary. * As a result of this failure, lxc could not install, and no programs would run confined, when a user installed a Saucy or newer kernel. * This upload cherry picks a fix from Saucy that increases the size of the fixed buffer from 1024 to 8192 bytes. This is expected to be large enough. [Test Case] * apt-add-repository ppa:ubuntu-x-swat/s-lts-backport apt-get update apt-get install linux-generic-lts-saucy shutdown -r now /etc/init.d/apparmor reload apt-get install lxc aa-status * Without the fix, the reload and install lxc commands should fail, and aa-status would report no loaded profiles. With the fix, the reload and install lxc commands succeed, and aa-status reports many loaded profiles. [Regression Potential] * If a future kernel requires more than 8192 bytes of buffer to describe features, this will again break. The AppArmor 3.0 upstream release is expected to dynamically allocate the size of this buffer if the buffer should again prove to be too small, and such a hypothesized patch can be cherry-picked again. [Other Info] * I revalidated this bug as well as 982619, 987578, and 1091642. Thanks Seth Arnold [Original report] The 0041-parser-fix-flags.patch patch from saucy's apparmor needs to be cherrypicked to precise. Without it, using the saucy upstream kernel, installing lxc gives me a "Feature buffer full" error message, and lxc postinst fails. [Impact]  * Users running Saucy or newer kernels on 12.04 LTS release cannot load    AppArmor profiles due to a fixed-size buffer in the apparmor_parser binary.  * As a result of this failure, lxc could not install, and no programs would    run with AppArmor confinement, when a user installed a Saucy or newer kernel.  * This upload cherry picks a fix from Saucy that increases the size of the    fixed buffer from 1024 to 8192 bytes. This is expected to be large enough. [Test Case]  * apt-add-repository ppa:ubuntu-x-swat/s-lts-backport    apt-get update    apt-get install linux-generic-lts-saucy    shutdown -r now    /etc/init.d/apparmor reload    apt-get install lxc    aa-status  * Without the fix, the reload and install lxc commands fail, and    aa-status would report no loaded profiles.    With the fix, the reload and install lxc commands succeed, and    aa-status reports many loaded profiles. [Regression Potential]  * If a future kernel requires more than 8192 bytes of buffer to describe    features, this will again break. The AppArmor 3.0 upstream release is    expected to dynamically allocate the size of this buffer if the buffer    should again prove to be too small, and such a hypothesized patch can be    cherry-picked again. [Other Info]  * I verified this bug as well as #982619, #987578, and #1091642. Thanks Seth Arnold [Original report] The 0041-parser-fix-flags.patch patch from saucy's apparmor needs to be cherrypicked to precise. Without it, using the saucy upstream kernel, installing lxc gives me a "Feature buffer full" error message, and lxc postinst fails.
2013-08-27 19:58:59 Adam Conrad bug added subscriber Ubuntu Stable Release Updates Team
2013-08-27 19:59:03 Adam Conrad bug added subscriber SRU Verification
2013-08-27 19:59:11 Adam Conrad tags verification-needed
2013-08-27 20:08:25 Launchpad Janitor branch linked lp:ubuntu/precise-proposed/apparmor
2013-08-27 22:57:08 Seth Arnold tags verification-needed verification-done
2013-08-28 07:15:15 Jan Kellermann bug added subscriber Jan Kellermann
2013-09-04 15:19:11 Launchpad Janitor apparmor (Ubuntu Precise): status Fix Committed Fix Released
2013-09-04 15:19:17 Colin Watson removed subscriber Ubuntu Stable Release Updates Team
2015-09-29 10:06:15 gustavo panizzo bug added subscriber gustavo panizzo