apparmor is broken for kernel 4.14
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Several critical systems are broken with the default Ubuntu 17.10 apparmor profile when booting in kernel 4.14, eg DHCP/networking and mysql-server.
I got it working by applying the attached patch from the /etc directory. The patch is mostly based on the patch provided in comment #34 in the upstream bug at https:/
apparmor="DENIED" operation="create" profile=
ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: apparmor 2.11.0-2ubuntu17
ProcVersionSign
Uname: Linux 4.14.0-rc5-generic x86_64
ApportVersion: 2.20.7-0ubuntu3
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Wed Oct 18 12:59:38 2017
InstallationDate: Installed on 2017-08-16 (62 days ago)
InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412)
JournalErrors:
Error: command ['journalctl', '-b', '--priority=
Users in the 'systemd-journal' group can see all messages. Pass -q to
turn off this notice.
No journal files were opened due to insufficient permissions.
ProcKernelCmdline: BOOT_IMAGE=
SourcePackage: apparmor
UpgradeStatus: Upgraded to artful on 2017-08-17 (62 days ago)
modified.
mtime.conffile.
Status changed to 'Confirmed' because the bug affects multiple users.