Ubuntu
apparmor package

Update usr.sbin.dnsmasq profile for network api in lxd

Bug #1631409 reported by hda_launchpad on 2016-10-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	apparmor (Ubuntu)	New	Undecided	Unassigned

Bug Description

Intro:
Currently dnsmasq profile includes extra rights for lxd. Current usr.sbin.dnsmasq profile works with current lxd from xenial repository. But in lxd git (available in lxd-git-master ppa now) version network api was introduced, and since lxd quite active, is not too long since new lxd will be xenial repository. And that means people will lose network in all containers in production in future. This could be fixed with this extra rule in usr.sbin.dnsmasq profile:
/var/lib/lxd/networks/** rw,
in usr.sbin.dnsmasq profile.

1) Ubuntu 16.04.1 LTS

2) apparmor-profiles (currently 2.10.95-0ubuntu2.4). I couldn't select apparmor-profiles, only apparmor or apparmor-profiles-extra. Don't know why, mb launchpad bug.

3) What you expected to happen:
network in lxd will start

4) apparmor usr.sbin.dnsmasq profile blocks network in new lxd version

Bug original source:
https://github.com/lxc/lxd-pkg-ubuntu/issues/21

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuapparmor package

Update usr.sbin.dnsmasq profile for network api in lxd

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
apparmor package